Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-552

CWE-552

Files or Directories Accessible to External Parties

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product makes files or directories accessible to unauthorized actors, even though they should not be.

474 vulnerabilities with CWE-552

CVE-2023-4475 HIGH

ASUSTOR Data Master <4.1.0 - Path Traversal

CVE-2023-38952 HIGH

ZKTeco BioTime <9.0.1 - Privilege Escalation

CVE-2023-38948 HIGH

jizhicms 1.9.5 - Arbitrary File Download via PluginsController.php

CVE-2023-37551 MEDIUM

CODESYS Control Runtime - Authenticated Arbitrary File Write via CmpApp Component

CVE-2023-32226 HIGH

SysAid On-Premises < 23.2.14 - Authenticated Arbitrary File Read

CVE-2023-29450 HIGH

Zabbix < 5.0.33 - Unauthorized File System Access via JavaScript Pre-processing

CVE-2023-34316 MEDIUM

Delta Electronics InfraSuite Device Master <1.0.7 - Info Disclosure

CVE-2023-2538 MEDIUM

Tyan S5552 BMC <3.00 - Info Disclosure

CVE-2023-34834 MEDIUM

MCL-Net <4.3.5.8788 - Info Disclosure

CVE-2023-36664 HIGH

Artifex Ghostscript <10.01.2 - Privilege Escalation

CVE-2023-29931 CRITICAL

Laravel-s <3.7.35 - Local File Inclusion

CVE-2023-34645 HIGH

jfinal_cms 5.1.0 - Arbitrary File Read

CVE-2023-2976 MEDIUM

Google Guava <32.0.1 - Info Disclosure

CVE-2023-33568 HIGH

Dolibarr 16.0.0-16.0.4 - Unauthenticated Database Dump via Contact File Access

CVE-2023-32684 LOW

Lima < 0.16.0 - Unauthenticated Arbitrary File Read via Malicious Disk Image

CVE-2023-31066 CRITICAL

Apache InLong <1.6.0 - Info Disclosure

CVE-2023-31064 HIGH

Apache InLong <1.7.0 - Info Disclosure

CVE-2023-20184 MEDIUM

Cisco Catalyst Center < 2.2.3.5 - Authenticated Arbitrary Command Execution in Restricted Container

CVE-2023-20183 MEDIUM

Cisco DNA Center - Privilege Escalation

CVE-2023-2766 MEDIUM

Weaver e-office 9.5 - Files or Directories Accessible to External Parties in jx2_config.ini

CVE-2023-29820 MEDIUM

Webroot SecureAnywhere Endpoint Protection CE <23.1 v.9.0.33.39 - I...

CVE-2023-29107 MEDIUM

SIMATIC Cloud Connect 7 - Info Disclosure

CVE-2023-27180 HIGH

GDidees CMS v3.9.1 - Info Disclosure

CVE-2023-1124 HIGH

Shopping Cart & eCommerce Store <5.4.3 - Local File Inclusion

CVE-2023-28375 HIGH

Osprey Pump Controller 1.01 - Info Disclosure

Previous Page 10 of 19 Next

Details

Vulnerabilities 474

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy