Vulnerabilities > Files or Directories Accessible to External Parties
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-12 | CVE-2022-33686 | Files or Directories Accessible to External Parties vulnerability in Google Android 10.0/11.0/12.0 Exposure of Sensitive Information in GsmAlarmManager prior to SMR Jul-2022 Release 1 allows local attacker to access iccid via log. | 2.3 |
| 2022-07-06 | CVE-2022-24138 | Files or Directories Accessible to External Parties vulnerability in Iobit Advanced Systemcare 15 IOBit Advanced System Care (Asc.exe) 15 and Action Download Center both download components of IOBit suite into ProgramData folder, ProgramData folder has "rwx" permissions for unprivileged users. | 7.8 |
| 2022-06-24 | CVE-2022-32143 | Files or Directories Accessible to External Parties vulnerability in Codesys Plcwinnt and Runtime Toolkit In multiple CODESYS products, file download and upload function allows access to internal files in the working directory e.g. | 8.8 |
| 2022-05-26 | CVE-2022-29720 | Files or Directories Accessible to External Parties vulnerability in 74Cms 74Cmsse 3.5.1 74cmsSE v3.5.1 was discovered to contain an arbitrary file read vulnerability via the component \index\controller\Download.php. | 7.5 |
| 2022-05-25 | CVE-2022-30428 | Files or Directories Accessible to External Parties vulnerability in Ginadmin Project Ginadmin 1.0.1/20220510 In ginadmin through 05-10-2022, the incoming path value is not filtered, resulting in arbitrary file reading. | 7.5 |
| 2022-05-24 | CVE-2021-3717 | Files or Directories Accessible to External Parties vulnerability in Redhat products A flaw was found in Wildfly. | 7.8 |
| 2022-05-20 | CVE-2022-29447 | Files or Directories Accessible to External Parties vulnerability in Wow-Company Hover Effects Authenticated (administrator or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Hover Effects plugin <= 2.1 at WordPress. | 7.2 |
| 2022-05-19 | CVE-2022-29446 | Files or Directories Accessible to External Parties vulnerability in Wow-Company Counter BOX 1.0/1.1/1.1.1 Authenticated (administrator or higher role) Local File Inclusion (LFI) vulnerability in Wow-Company's Counter Box plugin <= 1.1.1 at WordPress. | 7.2 |
| 2022-05-17 | CVE-2021-42644 | Files or Directories Accessible to External Parties vulnerability in Cmseasy 7.7.520211012 cmseasy V7.7.5_20211012 is affected by an arbitrary file read vulnerability. | 6.5 |
| 2022-05-12 | CVE-2022-29302 | Files or Directories Accessible to External Parties vulnerability in Contec Sv-Cpt-Mc310 Firmware 6.00 SolarView Compact ver.6.00 was discovered to contain a local file disclosure via /html/Solar_Ftp.php. | 5.5 |