Vulnerabilities > Files or Directories Accessible to External Parties
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-02 | CVE-2024-24161 | Files or Directories Accessible to External Parties vulnerability in Mrcms 3.0 MRCMS 3.0 contains an Arbitrary File Read vulnerability in /admin/file/edit.do as the incoming path parameter is not filtered. | 7.5 |
| 2024-01-29 | CVE-2023-4550 | Files or Directories Accessible to External Parties vulnerability in Opentext Appbuilder 21.2 Improper Input Validation, Files or Directories Accessible to External Parties vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. An unauthenticated or authenticated user can abuse a page of AppBuilder to read arbitrary files on the server on which it is hosted. | 7.5 |
| 2024-01-16 | CVE-2023-52112 | Files or Directories Accessible to External Parties vulnerability in Huawei Emui and Harmonyos Unauthorized file access vulnerability in the wallpaper service module. | 5.3 |
| 2024-01-11 | CVE-2023-6266 | Files or Directories Accessible to External Parties vulnerability in Backupbliss Backup Migration The Backup Migration plugin for WordPress is vulnerable to unauthorized access of data due to insufficient path and file validation on the BMI_BACKUP case of the handle_downloading function in all versions up to, and including, 1.3.6. | 7.5 |
| 2023-12-26 | CVE-2023-6114 | Files or Directories Accessible to External Parties vulnerability in Awesomemotive Duplicator The Duplicator WordPress plugin before 1.5.7.1, Duplicator Pro WordPress plugin before 4.5.14.2 does not disallow listing the `backups-dup-lite/tmp` directory (or the `backups-dup-pro/tmp` directory in the Pro version), which temporarily stores files containing sensitive data. | 7.5 |
| 2023-12-14 | CVE-2023-48661 | Files or Directories Accessible to External Parties vulnerability in Dell products Dell vApp Manager, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. | 4.9 |
| 2023-12-11 | CVE-2023-5907 | Files or Directories Accessible to External Parties vulnerability in Bitapps File Manager The File Manager WordPress plugin before 6.3 does not restrict the file managers root directory, allowing an administrator to set a root outside of the WordPress root directory, giving access to system files and directories even in a multisite setup, where site administrators should not be allowed to modify the sites files. | 6.5 |
| 2023-11-30 | CVE-2023-6375 | Files or Directories Accessible to External Parties vulnerability in Tylertech Court Case Management Plus Tyler Technologies Court Case Management Plus may store backups in a location that can be accessed by a remote, unauthenticated attacker. | 7.5 |
| 2023-11-17 | CVE-2023-39545 | Files or Directories Accessible to External Parties vulnerability in NEC products CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command. | 8.8 |
| 2023-11-09 | CVE-2023-47612 | Files or Directories Accessible to External Parties vulnerability in Telit products A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow an attacker with physical access to the target system to obtain a read/write access to any files and directories on the targeted system, including hidden files and directories. | 6.1 |