Vulnerabilities > Files or Directories Accessible to External Parties
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-17 | CVE-2021-40149 | Files or Directories Accessible to External Parties vulnerability in Reolink E1 Zoom Firmware 3.0.0.716 The web server of the E1 Zoom camera through 3.0.0.716 discloses its SSL private key via the root web server directory. | 5.9 |
| 2022-07-12 | CVE-2022-33686 | Files or Directories Accessible to External Parties vulnerability in Google Android 10.0/11.0/12.0 Exposure of Sensitive Information in GsmAlarmManager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log. | 2.3 |
| 2022-07-06 | CVE-2022-24138 | Files or Directories Accessible to External Parties vulnerability in Iobit Advanced Systemcare 15 IOBit Advanced System Care (Asc.exe) 15 and Action Download Center both download components of IOBit suite into ProgramData folder, ProgramData folder has "rwx" permissions for unprivileged users. | 7.8 |
| 2022-05-26 | CVE-2022-29720 | Files or Directories Accessible to External Parties vulnerability in 74Cms 74Cmsse 3.5.1 74cmsSE v3.5.1 was discovered to contain an arbitrary file read vulnerability via the component \index\controller\Download.php. | 7.5 |
| 2022-05-25 | CVE-2022-30428 | Files or Directories Accessible to External Parties vulnerability in Ginadmin Project Ginadmin 1.0.1/20220510 In ginadmin through 05-10-2022, the incoming path value is not filtered, resulting in arbitrary file reading. | 7.5 |
| 2022-05-24 | CVE-2021-3717 | Files or Directories Accessible to External Parties vulnerability in Redhat products A flaw was found in Wildfly. | 7.8 |
| 2022-05-20 | CVE-2022-29447 | Files or Directories Accessible to External Parties vulnerability in Wow-Company Hover Effects Authenticated (administrator or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Hover Effects plugin <= 2.1 at WordPress. | 7.2 |
| 2022-05-19 | CVE-2022-29446 | Files or Directories Accessible to External Parties vulnerability in Wow-Company Counter BOX 1.0/1.1/1.1.1 Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company's Counter Box plugin <= 1.1.1 at WordPress. | 7.2 |
| 2022-05-17 | CVE-2021-42644 | Files or Directories Accessible to External Parties vulnerability in Cmseasy 7.7.520211012 cmseasy V7.7.5_20211012 is affected by an arbitrary file read vulnerability. | 6.5 |
| 2022-05-12 | CVE-2022-29302 | Files or Directories Accessible to External Parties vulnerability in Contec Sv-Cpt-Mc310 Firmware 6.00 SolarView Compact ver.6.00 was discovered to contain a local file disclosure via /html/Solar_Ftp.php. | 5.5 |