Vulnerabilities > Files or Directories Accessible to External Parties
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-09-02 | CVE-2021-34765 | Files or Directories Accessible to External Parties vulnerability in Cisco Nexus Insights A vulnerability in the web UI for Cisco Nexus Insights could allow an authenticated, remote attacker to view and download files related to the web application. | 4.3 |
2021-08-31 | CVE-2021-36233 | Files or Directories Accessible to External Parties vulnerability in Unit4 Mik.Starlight 7.9.5.24363 The function AdminGetFirstFileContentByFilePath in MIK.starlight 7.9.5.24363 allows (by design) an authenticated attacker to read arbitrary files from the filesystem by specifying the file path. | 6.5 |
2021-08-20 | CVE-2020-25351 | Files or Directories Accessible to External Parties vulnerability in Rconfig 3.9.5 An information disclosure vulnerability in rConfig 3.9.5 has been fixed for version 3.9.6. | 6.5 |
2021-08-18 | CVE-2020-22124 | Files or Directories Accessible to External Parties vulnerability in Joyplus-Cms Project Joyplus-Cms 1.6.0 A vulnerability in the \inc\config.php component of joyplus-cms v1.6 allows attackers to access sensitive information. | 7.5 |
2021-08-16 | CVE-2021-38711 | Files or Directories Accessible to External Parties vulnerability in Gitit Project Gitit In gitit before 0.15.0.0, the Export feature can be exploited to leak information from files. | 7.5 |
2021-08-13 | CVE-2021-37348 | Files or Directories Accessible to External Parties vulnerability in Nagios XI Nagios XI before version 5.8.5 is vulnerable to local file inclusion through improper limitation of a pathname in index.php. | 7.5 |
2021-08-05 | CVE-2021-29969 | Files or Directories Accessible to External Parties vulnerability in Mozilla Thunderbird If Thunderbird was configured to use STARTTLS for an IMAP connection, and an attacker injected IMAP server responses prior to the completion of the STARTTLS handshake, then Thunderbird didn't ignore the injected data. | 5.9 |
2021-08-03 | CVE-2021-36763 | Files or Directories Accessible to External Parties vulnerability in Codesys products In CODESYS V3 web server before 3.5.17.10, files or directories are accessible to External Parties. | 7.5 |
2021-07-09 | CVE-2021-32752 | Files or Directories Accessible to External Parties vulnerability in Ethercreative Logs Ether Logs is a package that allows one to check one's logs in the Craft 3 utilities section. | 4.9 |
2021-06-09 | CVE-2021-33359 | Files or Directories Accessible to External Parties vulnerability in Sensepost Gowitness A vulnerability exists in gowitness < 2.3.6 that allows an unauthenticated attacker to perform an arbitrary file read using the file:// scheme in the url parameter to get an image of any file. | 7.5 |