Vulnerabilities > Files or Directories Accessible to External Parties
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-06 | CVE-2022-44343 | Files or Directories Accessible to External Parties vulnerability in Crmeb 4.4.4 CRMEB 4.4.4 is vulnerable to Any File download. | 7.5 |
| 2023-02-01 | CVE-2022-48094 | Files or Directories Accessible to External Parties vulnerability in Lmxcms 1.41 lmxcms v1.41 was discovered to contain an arbitrary file read vulnerability via TemplateAction.class.php. | 4.9 |
| 2023-02-01 | CVE-2022-48161 | Files or Directories Accessible to External Parties vulnerability in Easy Images Project Easy Images 2.0 Easy Images v2.0 was discovered to contain an arbitrary file download vulnerability via the component /application/down.php. | 7.5 |
| 2023-01-18 | CVE-2022-47950 | Files or Directories Accessible to External Parties vulnerability in multiple products An issue was discovered in OpenStack Swift before 2.28.1, 2.29.x before 2.29.2, and 2.30.0. | 6.5 |
| 2023-01-09 | CVE-2022-23508 | Files or Directories Accessible to External Parties vulnerability in Weave Gitops Weave GitOps is a simple open source developer platform for people who want cloud native applications, without needing Kubernetes expertise. | 7.8 |
| 2023-01-04 | CVE-2022-45052 | Files or Directories Accessible to External Parties vulnerability in Axiell Iguana 4.0.0 A Local File Inclusion vulnerability has been found in Axiell Iguana CMS. | 6.5 |
| 2023-01-02 | CVE-2022-4236 | Files or Directories Accessible to External Parties vulnerability in Collne Welcart E-Commerce The Welcart e-Commerce WordPress plugin before 2.8.5 does not validate user input before using it to output the content of a file via an AJAX action available to any authenticated users, which could allow users with a role as low as subscriber to read arbitrary files on the server. | 6.5 |
| 2022-12-27 | CVE-2022-45426 | Files or Directories Accessible to External Parties vulnerability in Dahuasecurity products Some Dahua software products have a vulnerability of unrestricted download of file. | 6.5 |
| 2022-12-19 | CVE-2022-4106 | Files or Directories Accessible to External Parties vulnerability in Cedcommerce Wholesale Market for Woocommerce The Wholesale Market for WooCommerce WordPress plugin before 1.0.7 does not have authorisation check, as well as does not validate user input used to generate system path, allowing unauthenticated attackers to download arbitrary file from the server. | 7.5 |
| 2022-12-12 | CVE-2022-45227 | Files or Directories Accessible to External Parties vulnerability in Dragino Lg01 Lora Firmware 4.3.4 The web portal of Dragino Lora LG01 18ed40 IoT v4.3.4 has the directory listing at the URL https://10.10.20.74/lib/. | 7.5 |