Vulnerabilities > Files or Directories Accessible to External Parties

DATE CVE VULNERABILITY TITLE RISK
2020-09-24 CVE-2020-3476 Files or Directories Accessible to External Parties vulnerability in Cisco IOS 16.10.1/16.9
A vulnerability in the CLI implementation of a specific command of Cisco IOS XE Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying host file system.
local
low complexity
cisco CWE-552
6.0
6.0
2020-08-26 CVE-2020-24312 Files or Directories Accessible to External Parties vulnerability in Webdesi9 File Manager
mndpsingh287 WP File Manager v6.4 and lower fails to restrict external access to the fm_backups directory with a .htaccess file.
network
low complexity
webdesi9 CWE-552
7.5
7.5
2020-08-11 CVE-2020-11976 Files or Directories Accessible to External Parties vulnerability in Apache Fortress and Wicket
By crafting a special URL it is possible to make Wicket deliver unprocessed HTML templates.
network
low complexity
apache CWE-552
7.5
7.5
2020-07-07 CVE-2020-4075 Files or Directories Accessible to External Parties vulnerability in Electronjs Electron
In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, arbitrary local file read is possible by defining unsafe window options on a child window opened via window.open.
network
low complexity
electronjs CWE-552
7.5
7.5
2020-07-06 CVE-2020-5356 Files or Directories Accessible to External Parties vulnerability in Dell products
Dell PowerProtect Data Manager (PPDM) versions prior to 19.4 and Dell PowerProtect X400 versions prior to 3.2 contain an improper authorization vulnerability.
network
low complexity
dell CWE-552
6.5
6.5
2020-06-03 CVE-2020-3267 Files or Directories Accessible to External Parties vulnerability in Cisco Unified Contact Center Express
A vulnerability in the API subsystem of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote attacker to change the availability state of any agent.
network
low complexity
cisco CWE-552
7.1
7.1
2020-06-03 CVE-2020-10516 Files or Directories Accessible to External Parties vulnerability in Github
An improper access control vulnerability was identified in the GitHub Enterprise Server API that allowed an organization member to escalate permissions and gain access to unauthorized repositories within an organization.
network
low complexity
github CWE-552
critical
 9.8
9.8
2020-05-11 CVE-2020-12743 Files or Directories Accessible to External Parties vulnerability in Gazie Project Gazie
An issue was discovered in Gazie 7.32.
network
low complexity
gazie-project CWE-552
critical
 9.8
9.8
2020-04-29 CVE-2020-12470 Files or Directories Accessible to External Parties vulnerability in Mono Monox 5.1.40.5152
MonoX through 5.1.40.5152 allows administrators to execute arbitrary code by modifying an ASPX template.
network
low complexity
mono CWE-552
7.2
7.2
2020-04-17 CVE-2019-7306 Files or Directories Accessible to External Parties vulnerability in multiple products
Byobu Apport hook may disclose sensitive information since it automatically uploads the local user's .screenrc which may contain private hostnames, usernames and passwords.
network
low complexity
byobu canonical CWE-552
7.5
7.5