Vulnerabilities > Files or Directories Accessible to External Parties
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-17 | CVE-2023-39545 | Files or Directories Accessible to External Parties vulnerability in NEC products CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command. | 8.8 |
| 2023-11-09 | CVE-2023-47612 | Files or Directories Accessible to External Parties vulnerability in Telit products A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Telit Cinterion BGS5, Telit Cinterion EHS5/6/8, Telit Cinterion PDS5/6/8, Telit Cinterion ELS61/81, Telit Cinterion PLS62 that could allow an attacker with physical access to the target system to obtain a read/write access to any files and directories on the targeted system, including hidden files and directories. | 6.1 |
| 2023-11-07 | CVE-2023-42534 | Files or Directories Accessible to External Parties vulnerability in Samsung Android 12.0/13.0 Improper input validation vulnerability in ChooserActivity prior to SMR Nov-2023 Release 1 allows local attackers to read arbitrary files with system privilege. | 5.5 |
| 2023-11-06 | CVE-2023-4930 | Files or Directories Accessible to External Parties vulnerability in Shamimsplugins Front END PM The Front End PM WordPress plugin before 11.4.3 does not block listing the contents of the directories where it stores attachments to private messages, allowing unauthenticated visitors to list and download private attachments if the autoindex feature of the web server is enabled. | 6.5 |
| 2023-11-02 | CVE-2023-31017 | Files or Directories Accessible to External Parties vulnerability in Nvidia Virtual GPU NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may be able to write arbitrary data to privileged locations by using reparse points. | 7.8 |
| 2023-10-31 | CVE-2023-5099 | Files or Directories Accessible to External Parties vulnerability in Jonashjalmarsson Html Filter and Csv-File Search The HTML filter and csv-file search plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 2.7 via the 'src' attribute of the 'csvsearch' shortcode. | 8.8 |
| 2023-10-30 | CVE-2023-5199 | Files or Directories Accessible to External Parties vulnerability in PHP to Page Project PHP to Page 0.3 The PHP to Page plugin for WordPress is vulnerable Local File Inclusion to Remote Code Execution in versions up to, and including, 0.3 via the 'php-to-page' shortcode. | 8.8 |
| 2023-10-25 | CVE-2023-26580 | Files or Directories Accessible to External Parties vulnerability in Idattend Idweb 3.1.013/3.1.052 Unauthenticated arbitrary file read in the IDAttend’s IDWeb application 3.1.013 allows the retrieval of any file present on the web server by unauthenticated attackers. | 7.5 |
| 2023-10-23 | CVE-2023-33517 | Files or Directories Accessible to External Parties vulnerability in Carrental Project Carrental 1.0 carRental 1.0 is vulnerable to Incorrect Access Control (Arbitrary File Read on the Back-end System). | 7.5 |
| 2023-10-16 | CVE-2023-3155 | Files or Directories Accessible to External Parties vulnerability in Imagely Nextgen Gallery The WordPress Gallery Plugin WordPress plugin before 3.39 is vulnerable to Arbitrary File Read and Delete due to a lack of input parameter validation in the `gallery_edit` function, allowing an attacker to access arbitrary resources on the server. | 7.2 |