Vulnerabilities > Files or Directories Accessible to External Parties
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-16 | CVE-2023-4933 | Files or Directories Accessible to External Parties vulnerability in Awsm WP JOB Openings The WP Job Openings WordPress plugin before 3.4.3 does not block listing the contents of the directories where it stores attachments to job applications, allowing unauthenticated visitors to list and download private attachments if the autoindex feature of the web server is enabled. | 5.3 |
| 2023-10-09 | CVE-2023-5101 | Files or Directories Accessible to External Parties vulnerability in Sick Apu0200 Firmware Files or Directories Accessible to External Parties in RDT400 in SICK APU allows an unprivileged remote attacker to download various files from the server via HTTP requests. | 5.3 |
| 2023-10-05 | CVE-2023-45160 | Files or Directories Accessible to External Parties vulnerability in 1E Client In the affected version of the 1E Client, an ordinary user could subvert downloaded instruction resource files, e.g., to substitute a harmful script. | 8.8 |
| 2023-09-29 | CVE-2023-5297 | Files or Directories Accessible to External Parties vulnerability in Rockoa 2.3.2 A vulnerability was found in Xinhu RockOA 2.3.2. | 7.5 |
| 2023-09-27 | CVE-2023-43856 | Files or Directories Accessible to External Parties vulnerability in Dreamer CMS Project Dreamer CMS 4.1.3 Dreamer CMS v4.1.3 was discovered to contain an arbitrary file read vulnerability via the component /admin/TemplateController.java. | 7.5 |
| 2023-09-12 | CVE-2023-3712 | Files or Directories Accessible to External Parties vulnerability in Honeywell Pm43 Firmware Files or Directories Accessible to External Parties vulnerability in Honeywell PM43 on 32 bit, ARM (Printer web page modules) allows Privilege Escalation.This issue affects PM43 versions prior to P10.19.050004. Update to the latest available firmware version of the respective printers to version MR19.5 (e.g. | 7.8 |
| 2023-09-06 | CVE-2023-4588 | Files or Directories Accessible to External Parties vulnerability in Delinea Secret Server 10.9.000002/11.4.000002 File accessibility vulnerability in Delinea Secret Server, in its v10.9.000002 and v11.4.000002 versions. | 4.9 |
| 2023-08-31 | CVE-2023-41717 | Files or Directories Accessible to External Parties vulnerability in Zscaler Proxy 3.6.1.25 Inappropriate file type control in Zscaler Proxy versions 3.6.1.25 and prior allows local attackers to bypass file download/upload restrictions. | 5.5 |
| 2023-08-22 | CVE-2023-4475 | Files or Directories Accessible to External Parties vulnerability in Asustor Data Master An Arbitrary File Movement vulnerability was found in ASUSTOR Data Master (ADM) allows an attacker to exploit the file renaming feature to move files to unintended directories. | 5.5 |
| 2023-08-03 | CVE-2023-38952 | Files or Directories Accessible to External Parties vulnerability in Zkteco Biotime 8.5.5 Insecure access control in ZKTeco BioTime v8.5.5 allows unauthenticated attackers to read sensitive backup files and access sensitive information such as user credentials via sending a crafted HTTP request to the static files resources of the system. | 7.5 |