Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-552

CWE-552

Files or Directories Accessible to External Parties

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product makes files or directories accessible to unauthorized actors, even though they should not be.

474 vulnerabilities with CWE-552

CVE-2025-14442 MEDIUM

Secure Copy <= 4.9.2 - Unauthenticated Sensitive Information Exposure via CSV Export

CVE-2025-66625 MEDIUM

Umbraco CMS 10.0.0-13.12.0 - Authenticated Arbitrary File Existence Enumeration via Dictionary Upload

CVE-2025-12747 MEDIUM

Tainacan < 1.0.0 - Unauthenticated Information Exposure via Private File Access

CVE-2025-12894 MEDIUM

Import WP - Sensitive Information Exposure

CVE-2025-64185 MEDIUM

Open OnDemand <4.0.8-3.1.16 - Info Disclosure

CVE-2025-13225 MEDIUM

Tanium TanOS 1.8.4.0000 through 1.8.4.0229 - Arbitrary File Deletion

CVE-2025-13200 MEDIUM

SourceCodester Farm Management System 1.0 - Info Disclosure

CVE-2025-11959 HIGH

Premierturk Information Technologies Inc. Excavation Management Inf...

CVE-2025-33150 MEDIUM

IBM Cognos Analytics Certified Containers 12.1.0 - Info Disclosure

CVE-2025-58152 MEDIUM

FutureNet MA/IP-K - Info Disclosure

CVE-2025-11965 HIGH

Eclipse Vert.x <4.5.21 & <5.0.4 - Info Disclosure

CVE-2025-31996 MEDIUM

HCL Unica Platform - Info Disclosure

CVE-2025-11371 HIGH KEV

Gladinet CentreStack/Triofox Path Traversal

CVE-2025-59976 MEDIUM

Juniper Networks Junos Space <24.1R3 - File Download

CVE-2025-61734 HIGH

Apache Kylin <5.0.2 - Info Disclosure

CVE-2025-37130 MEDIUM

EdgeConnect SD-WAN - Info Disclosure

CVE-2025-3025 HIGH

Gen Digital CCleaner <6.36.11508 - Privilege Escalation

CVE-2025-59054 HIGH

dstack < 0.5.4 - Unauthenticated Sensitive Data Exposure via LUKS2 Volume Metadata

CVE-2025-58753 HIGH

Copyparty <1.19.8 - Info Disclosure

CVE-2025-9273 MEDIUM

CData API Server - Authenticated Information Disclosure via MySQL Connection Misconfiguration

CVE-2025-52460 MEDIUM

DOS Co., Ltd. SS1 <= 16.0.0.10 and SS1 Cloud <= 2.1.3 - Unauthenticated Arbitrary File Access

CVE-2025-43758 MEDIUM

Liferay Portal/DXP - Info Disclosure

CVE-2025-51818 MEDIUM

MCCMS 2.7.0 - Arbitrary File Deletion via Backups.php

CVE-2025-43749 MEDIUM

Liferay Portal/DXP - Info Disclosure

CVE-2025-44779 MEDIUM

Ollama < 0.1.34 - Arbitrary File Deletion via /api/pull Endpoint

Previous Page 3 of 19 Next

Details

Vulnerabilities 474

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy