Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-552

CWE-552

Files or Directories Accessible to External Parties

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product makes files or directories accessible to unauthorized actors, even though they should not be.

474 vulnerabilities with CWE-552

CVE-2023-25260 HIGH

Stimulsoft Designer (Web) 2023.1.3 - Local File Inclusion

CVE-2023-23330 HIGH

amano Xparc parking solutions <7.1.3879 - Local File Inclusion

CVE-2023-1246 HIGH

Saysis Starcities <=1.3 - Info Disclosure

CVE-2023-26948 HIGH

onekeyadmin <1.3.9 - Info Disclosure

CVE-2023-26956 HIGH

onekeyadmin <1.3.9 - Info Disclosure

CVE-2023-22858 MEDIUM

BlogEngine.NET 3.3.8.0 - Info Disclosure

CVE-2023-22974 HIGH

OpenEMR < 7.0.0 - Unauthenticated Path Traversal via setup.php MySQL Connection

CVE-2023-0822 HIGH

DIAEnergie <1.9.03.001 - Auth Bypass

CVE-2022-42834 LOW

macOS 11.0-11.7.2 - Unprotected Mail Attachment Exposure via Temporary Compression Directory

CVE-2022-45450 HIGH

Acronis Agent < 28610 and Cyber Protect 15 < 30984 - Sensitive Information Disclosure and Manipulation

CVE-2022-44343 HIGH

CRMEB 4.4.4 - Arbitrary File Download

CVE-2022-48094 MEDIUM

lmxcms v1.41 - Arbitrary File Read via TemplateAction.class.php

CVE-2022-48161 HIGH

Easy Images 2.0 - Arbitrary File Download via /application/down.php

CVE-2022-47950 MEDIUM

OpenStack Swift <2.28.1-2.30.0 - Info Disclosure

CVE-2022-23508 HIGH

Weave GitOps - Privilege Escalation

CVE-2022-45052 HIGH

Axiell Iguana CMS 4.0.0-4.5.02 - Local File Inclusion via Proxy.type.php URL Parameter

CVE-2022-4236 MEDIUM

Welcart e-Commerce <2.8.5 - Info Disclosure

CVE-2022-45426 MEDIUM

Dahua DSS Express and DSS Professional - Unauthenticated Arbitrary File Download via Crafted Packet

CVE-2022-28283 MEDIUM

Firefox < 99.0 - Unauthenticated Arbitrary File Read via DevTools sourceMapURL

CVE-2022-4106 HIGH

WooCommerce <1.0.7 - Unauthenticated RCE

CVE-2022-45227 HIGH

Dragino Lora LG01 18ed40 IoT <4.3.4 - Path Traversal

CVE-2022-44356 HIGH

WAVLINK Quantum D4G - Info Disclosure

CVE-2022-3691 HIGH

WordPress Plugin <1.7.5 - Info Disclosure

CVE-2022-44634 MEDIUM

S2W - Import Shopify to WooCommerce <1.1.12 - Info Disclosure

CVE-2022-44583 HIGH

WatchTowerHQ <3.6.15 - Info Disclosure

Previous Page 11 of 19 Next

Details

Vulnerabilities 474

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy