Vulnerabilities > Files or Directories Accessible to External Parties
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-29 | CVE-2020-12470 | Files or Directories Accessible to External Parties vulnerability in Mono Monox 5.1.40.5152 MonoX through 5.1.40.5152 allows administrators to execute arbitrary code by modifying an ASPX template. | 7.2 |
| 2020-04-17 | CVE-2019-7306 | Files or Directories Accessible to External Parties vulnerability in multiple products Byobu Apport hook may disclose sensitive information since it automatically uploads the local user's .screenrc which may contain private hostnames, usernames and passwords. | 7.5 |
| 2020-04-10 | CVE-2019-7305 | Files or Directories Accessible to External Parties vulnerability in Extplorer 1.0.0/2.0.0/2.1.0 Information Exposure vulnerability in eXtplorer makes the /usr/ and /etc/extplorer/ system directories world-accessible over HTTP. | 9.8 |
| 2020-04-01 | CVE-2020-11469 | Files or Directories Accessible to External Parties vulnerability in Zoom Meetings 4.6.8 Zoom Client for Meetings through 4.6.8 on macOS copies runwithroot to a user-writable temporary directory during installation, which allows a local process (with the user's privileges) to obtain root access by replacing runwithroot. | 7.8 |
| 2020-03-30 | CVE-2020-5289 | Files or Directories Accessible to External Parties vulnerability in Elide In Elide before 4.5.14, it is possible for an adversary to "guess and check" the value of a model field they do not have access to assuming they can read at least one other field in the model. | 6.5 |
| 2020-03-24 | CVE-2019-20593 | Files or Directories Accessible to External Parties vulnerability in Google Android An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. | 5.3 |
| 2020-03-18 | CVE-2019-20529 | Files or Directories Accessible to External Parties vulnerability in Frappe 11.0.0/12.0.0 In core/doctype/prepared_report/prepared_report.py in Frappe 11 and 12, data files generated with Prepared Report were being stored as public files (no authentication is required to access; having a link is sufficient) instead of private files. | 7.5 |
| 2020-03-05 | CVE-2020-5250 | Files or Directories Accessible to External Parties vulnerability in Prestashop In PrestaShop before version 1.7.6.4, when a customer edits their address, they can freely change the id_address in the form, and thus steal someone else's address. | 6.3 |
| 2020-03-05 | CVE-2020-10105 | Files or Directories Accessible to External Parties vulnerability in Zammad An issue was discovered in Zammad 3.0 through 3.2. | 5.3 |
| 2020-02-17 | CVE-2015-4715 | Files or Directories Accessible to External Parties vulnerability in Owncloud The fetch function in OAuth/Curl.php in Dropbox-PHP, as used in ownCloud Server before 6.0.8, 7.x before 7.0.6, and 8.x before 8.0.4 when an external Dropbox storage has been mounted, allows remote administrators of Dropbox.com to read arbitrary files via an @ (at sign) character in unspecified POST values. | 4.9 |