Vulnerabilities > Files or Directories Accessible to External Parties

DATE CVE VULNERABILITY TITLE RISK
2022-02-04 CVE-2021-44983 Files or Directories Accessible to External Parties vulnerability in Taogogo Taocms 3.0.1
In taocms 3.0.1 after logging in to the background, there is an Arbitrary file download vulnerability at the File Management column.
network
low complexity
taogogo CWE-552
4.9
2022-02-04 CVE-2022-23316 Files or Directories Accessible to External Parties vulnerability in Taogogo Taocms 3.0.2
An issue was discovered in taoCMS v3.0.2.
network
low complexity
taogogo CWE-552
4.9
2022-01-28 CVE-2022-21236 Files or Directories Accessible to External Parties vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102
An information disclosure vulnerability exists due to a web server misconfiguration in the Reolink RLC-410W v3.0.0.136_20121102.
network
low complexity
reolink CWE-552
7.5
2022-01-18 CVE-2022-0244 Files or Directories Accessible to External Parties vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting with 14.5.
network
low complexity
gitlab CWE-552
7.5
2022-01-10 CVE-2022-22267 Files or Directories Accessible to External Parties vulnerability in Google Android
Implicit Intent hijacking vulnerability in ActivityMetricsLogger prior to SMR Jan-2022 Release 1 allows attackers to get running application information.
local
low complexity
google CWE-552
3.3
2022-01-10 CVE-2022-22268 Files or Directories Accessible to External Parties vulnerability in Google Android
Incorrect implementation of Knox Guard prior to SMR Jan-2022 Release 1 allows physically proximate attackers to temporary unlock the Knox Guard via Samsung DeX mode.
low complexity
google CWE-552
6.1
2022-01-10 CVE-2022-22269 Files or Directories Accessible to External Parties vulnerability in Google Android 10.0/11.0/9.0
Keeping sensitive data in unprotected BluetoothSettingsProvider prior to SMR Jan-2022 Release 1 allows untrusted applications to get a local Bluetooth MAC address.
local
low complexity
google CWE-552
3.3
2022-01-10 CVE-2022-22270 Files or Directories Accessible to External Parties vulnerability in Google Android 10.0/11.0/9.0
An implicit Intent hijacking vulnerability in Dialer prior to SMR Jan-2022 Release 1 allows unprivileged applications to access contact information.
local
low complexity
google CWE-552
3.3
2022-01-03 CVE-2021-20148 Files or Directories Accessible to External Parties vulnerability in Zohocorp Manageengine Adselfservice Plus
ManageEngine ADSelfService Plus below build 6116 stores the password policy file for each domain under the html/ web root with a predictable filename based on the domain name.
network
low complexity
zohocorp CWE-552
4.3
2021-12-16 CVE-2021-44315 Files or Directories Accessible to External Parties vulnerability in PHPgurukul BUS Pass Management System 1.0
In Bus Pass Management System v1.0, Directory Listing/Browsing is enabled on the web server which allows an attacker to view the sensitive files of the application, for example: Any file which contains sensitive information of the user or server.
network
low complexity
phpgurukul CWE-552
7.5