Vulnerabilities > Files or Directories Accessible to External Parties
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-07 | CVE-2020-15175 | Files or Directories Accessible to External Parties vulnerability in Glpi-Project Glpi In GLPI before version 9.5.2, the `?pluginimage.send.php?` endpoint allows a user to specify an image from a plugin. | 9.1 |
| 2020-10-05 | CVE-2020-25636 | Files or Directories Accessible to External Parties vulnerability in Redhat Ansible 2.10.1 A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers. | 7.1 |
| 2020-09-30 | CVE-2020-13953 | Files or Directories Accessible to External Parties vulnerability in Apache Tapestry In Apache Tapestry from 5.4.0 to 5.5.0, crafting specific URLs, an attacker can download files inside the WEB-INF folder of the WAR being run. | 5.3 |
| 2020-09-24 | CVE-2020-3476 | Files or Directories Accessible to External Parties vulnerability in Cisco IOS 16.10.1/16.9 A vulnerability in the CLI implementation of a specific command of Cisco IOS XE Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying host file system. | 3.6 |
| 2020-08-26 | CVE-2020-24312 | Files or Directories Accessible to External Parties vulnerability in Webdesi9 File Manager mndpsingh287 WP File Manager v6.4 and lower fails to restrict external access to the fm_backups directory with a .htaccess file. | 7.5 |
| 2020-08-11 | CVE-2020-11976 | Files or Directories Accessible to External Parties vulnerability in Apache Fortress and Wicket By crafting a special URL it is possible to make Wicket deliver unprocessed HTML templates. | 7.5 |
| 2020-07-07 | CVE-2020-4075 | Files or Directories Accessible to External Parties vulnerability in Electronjs Electron 7.0.0/8.0.0/9.0.0 In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, arbitrary local file read is possible by defining unsafe window options on a child window opened via window.open. | 2.1 |
| 2020-07-06 | CVE-2020-5356 | Files or Directories Accessible to External Parties vulnerability in Dell products Dell PowerProtect Data Manager (PPDM) versions prior to 19.4 and Dell PowerProtect X400 versions prior to 3.2 contain an improper authorization vulnerability. | 4.0 |
| 2020-06-03 | CVE-2020-3267 | Files or Directories Accessible to External Parties vulnerability in Cisco Unified Contact Center Express A vulnerability in the API subsystem of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote attacker to change the availability state of any agent. | 5.5 |
| 2020-06-03 | CVE-2020-10516 | Files or Directories Accessible to External Parties vulnerability in Github An improper access control vulnerability was identified in the GitHub Enterprise Server API that allowed an organization member to escalate permissions and gain access to unauthorized repositories within an organization. | 7.5 |