Vulnerabilities > Files or Directories Accessible to External Parties
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-07-15 | CVE-2023-41916 | Files or Directories Accessible to External Parties vulnerability in Apache Linkis 1.4.0/1.5.0 In Apache Linkis =1.4.0, due to the lack of effective filtering of parameters, an attacker configuring malicious Mysql JDBC parameters in the DataSource Manager Module will trigger arbitrary file reading. | 6.5 |
2024-07-05 | CVE-2024-6209 | Files or Directories Accessible to External Parties vulnerability in ABB products Unauthorized file access in WEB Server in ABB ASPECT - Enterprise v <=3.08.01; NEXUS Series v <=3.08.01 ; MATRIX Series v<=3.08.01 allows Attacker to access files unauthorized | 7.5 |
2024-06-05 | CVE-2024-5262 | Files or Directories Accessible to External Parties vulnerability in Projectdiscovery Interactsh Files or Directories Accessible to External Parties vulnerability in smb server in ProjectDiscovery Interactsh allows remote attackers to read/write any files in the directory and subdirectories of where the victim runs interactsh-server via anonymous login. | 9.8 |
2024-02-06 | CVE-2024-22240 | Files or Directories Accessible to External Parties vulnerability in VMWare Aria Operations for Networks Aria Operations for Networks contains a local file read vulnerability. A malicious actor with admin privileges may exploit this vulnerability leading to unauthorized access to sensitive information. | 4.9 |
2024-02-02 | CVE-2024-24161 | Files or Directories Accessible to External Parties vulnerability in Mrcms 3.0 MRCMS 3.0 contains an Arbitrary File Read vulnerability in /admin/file/edit.do as the incoming path parameter is not filtered. | 7.5 |
2024-01-29 | CVE-2023-4550 | Files or Directories Accessible to External Parties vulnerability in Opentext Appbuilder 21.2 Improper Input Validation, Files or Directories Accessible to External Parties vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. An unauthenticated or authenticated user can abuse a page of AppBuilder to read arbitrary files on the server on which it is hosted. | 7.5 |
2024-01-29 | CVE-2024-1005 | Files or Directories Accessible to External Parties vulnerability in Shanxi Tianneng Technology Noderp A vulnerability has been found in Shanxi Diankeyun Technology NODERP up to 6.0.2 and classified as critical. | 7.5 |
2024-01-16 | CVE-2023-52112 | Files or Directories Accessible to External Parties vulnerability in Huawei Emui and Harmonyos Unauthorized file access vulnerability in the wallpaper service module. | 5.3 |
2024-01-11 | CVE-2023-6266 | Files or Directories Accessible to External Parties vulnerability in Backupbliss Backup Migration The Backup Migration plugin for WordPress is vulnerable to unauthorized access of data due to insufficient path and file validation on the BMI_BACKUP case of the handle_downloading function in all versions up to, and including, 1.3.6. | 7.5 |
2023-12-26 | CVE-2023-6114 | Files or Directories Accessible to External Parties vulnerability in Awesomemotive Duplicator The Duplicator WordPress plugin before 1.5.7.1, Duplicator Pro WordPress plugin before 4.5.14.2 does not disallow listing the `backups-dup-lite/tmp` directory (or the `backups-dup-pro/tmp` directory in the Pro version), which temporarily stores files containing sensitive data. | 7.5 |