Vulnerabilities > Files or Directories Accessible to External Parties
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-24 | CVE-2022-25104 | Files or Directories Accessible to External Parties vulnerability in Horizontcms Project Horizontcms 1.0.0 HorizontCMS v1.0.0-beta.2 was discovered to contain an arbitrary file download vulnerability via the component /admin/file-manager/. | 7.5 |
| 2022-02-21 | CVE-2022-25297 | Files or Directories Accessible to External Parties vulnerability in Drogon This affects the package drogonframework/drogon before 1.7.5. | 8.8 |
| 2022-02-18 | CVE-2022-25299 | Files or Directories Accessible to External Parties vulnerability in Cesanta Mongoose This affects the package cesanta/mongoose before 7.6. | 7.5 |
| 2022-02-09 | CVE-2022-24694 | Files or Directories Accessible to External Parties vulnerability in Mahara In Mahara 20.10 before 20.10.4, 21.04 before 21.04.3, and 21.10 before 21.10.1, the names of folders in the Files area can be seen by a person not owning the folders. | 4.3 |
| 2022-02-07 | CVE-2021-25004 | Files or Directories Accessible to External Parties vulnerability in Seur Oficial Project Seur Oficial The SEUR Oficial WordPress plugin before 1.7.2 creates a PHP file with a random name when installed, even though it is used for support purposes, it allows to download any file from the web server without restriction after knowing the URL and a password than an administrator can see in the plugin settings page. | 4.9 |
| 2022-02-04 | CVE-2021-44983 | Files or Directories Accessible to External Parties vulnerability in Taogogo Taocms 3.0.1 In taocms 3.0.1 after logging in to the background, there is an Arbitrary file download vulnerability at the File Management column. | 4.9 |
| 2022-02-04 | CVE-2022-23316 | Files or Directories Accessible to External Parties vulnerability in Taogogo Taocms 3.0.2 An issue was discovered in taoCMS v3.0.2. | 4.9 |
| 2022-01-28 | CVE-2022-21236 | Files or Directories Accessible to External Parties vulnerability in Reolink Rlc-410W Firmware 3.0.0.13620121102 An information disclosure vulnerability exists due to a web server misconfiguration in the Reolink RLC-410W v3.0.0.136_20121102. | 7.5 |
| 2022-01-18 | CVE-2022-0244 | Files or Directories Accessible to External Parties vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting with 14.5. | 7.5 |
| 2022-01-10 | CVE-2022-22267 | Files or Directories Accessible to External Parties vulnerability in Google Android Implicit Intent hijacking vulnerability in ActivityMetricsLogger prior to SMR Jan-2022 Release 1 allows attackers to get running application information. | 3.3 |