Vulnerabilities > Files or Directories Accessible to External Parties

DATE CVE VULNERABILITY TITLE RISK
2022-05-25 CVE-2022-30428 Files or Directories Accessible to External Parties vulnerability in Ginadmin Project Ginadmin 1.0.1/20220510
In ginadmin through 05-10-2022, the incoming path value is not filtered, resulting in arbitrary file reading.
network
low complexity
ginadmin-project CWE-552
7.5
2022-05-24 CVE-2021-3717 Files or Directories Accessible to External Parties vulnerability in Redhat products
A flaw was found in Wildfly.
local
low complexity
redhat CWE-552
7.8
2022-05-20 CVE-2022-29447 Files or Directories Accessible to External Parties vulnerability in Wow-Company Hover Effects
Authenticated (administrator or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Hover Effects plugin <= 2.1 at WordPress.
network
low complexity
wow-company CWE-552
7.2
2022-05-19 CVE-2022-29446 Files or Directories Accessible to External Parties vulnerability in Wow-Company Counter BOX 1.0/1.1/1.1.1
Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company's Counter Box plugin <= 1.1.1 at WordPress.
network
low complexity
wow-company CWE-552
7.2
2022-05-17 CVE-2021-42644 Files or Directories Accessible to External Parties vulnerability in Cmseasy 7.7.520211012
cmseasy V7.7.5_20211012 is affected by an arbitrary file read vulnerability.
network
low complexity
cmseasy CWE-552
6.5
2022-05-12 CVE-2022-29302 Files or Directories Accessible to External Parties vulnerability in Contec Sv-Cpt-Mc310 Firmware 6.00
SolarView Compact ver.6.00 was discovered to contain a local file disclosure via /html/Solar_Ftp.php.
local
low complexity
contec CWE-552
5.5
2022-05-05 CVE-2022-28462 Files or Directories Accessible to External Parties vulnerability in Xxyopen Novel-Plus 3.6.0
novel-plus 3.6.0 suffers from an Arbitrary file reading vulnerability.
network
low complexity
xxyopen CWE-552
7.5
2022-04-21 CVE-2022-28445 Files or Directories Accessible to External Parties vulnerability in Kitesky Kitecms 1.1.1
KiteCMS v1.1.1 was discovered to contain an arbitrary file read vulnerability via the background management module.
network
low complexity
kitesky CWE-552
6.5
2022-04-11 CVE-2022-27837 Files or Directories Accessible to External Parties vulnerability in Samsung Accessibility 12.5.3.2
A vulnerability using PendingIntent in Accessibility prior to version 12.5.3.2 in Android R(11.0) and 13.0.1.1 in Android S(12.0) allows attacker to access the file with system privilege.
local
low complexity
samsung CWE-552
7.8
2022-04-09 CVE-2022-26877 Files or Directories Accessible to External Parties vulnerability in Asana Desktop
Asana Desktop before 1.6.0 allows remote attackers to exfiltrate local files if they can trick the Asana desktop app into loading a malicious web page.
network
low complexity
asana CWE-552
6.5