Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-552

CWE-552

Files or Directories Accessible to External Parties

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product makes files or directories accessible to unauthorized actors, even though they should not be.

474 vulnerabilities with CWE-552

CVE-2025-25266 MEDIUM

Tecnomatix Plant Simulation <V2302.0021-V2404.0010 - Info Disclosure

CVE-2025-2147 MEDIUM

Beijing Zhide Intelligent Internet Technology Modern Farm Digital I...

CVE-2025-2038 HIGH

Blood Bank Management System 1.0 - Info Disclosure

CVE-2025-25759 HIGH

SUCMS 1.0 - Path Traversal and Arbitrary File Deletion via admin_template.php

CVE-2025-25799 MEDIUM

SeaCMS 13.3 - Arbitrary File Read via admin_safe.php file_get_contents

CVE-2025-26525 HIGH

Moodle - Arbitrary File Read via TeX Notation Filter

CVE-2025-23421 MEDIUM

Qardio Heart Health iOS <2.7.4 & Android <2.5.1 - Firmware Exposure

CVE-2025-1042 MEDIUM

GitLab EE <17.6.5-17.8.2 - Info Disclosure

CVE-2025-0509 HIGH

Sparkle < 2.6.4 - Unauthenticated Update Replacement via Signature Bypass

CVE-2025-21609 CRITICAL

SiYuan Note <3.1.18 - File Deletion

CVE-2024-56462 HIGH

IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

CVE-2024-11399 MEDIUM

Synology BeeDrive For Desktop < 1.3.2-13814 - Files or Directories Accessible to External Parties

CVE-2024-56731 CRITICAL

Gogs < 0.13.3 - Remote Code Execution via .git Directory File Deletion

CVE-2024-8031 MEDIUM

Secure Downloads WP <1.2.3 - Info Disclosure

CVE-2024-4981 HIGH

Pagure < 5.14.1 - Unauthenticated Information Disclosure via Symbolic Link Traversal

CVE-2024-13126 MEDIUM

WordPress Plugin <3.3.07 - Path Traversal

CVE-2024-48864 CRITICAL

File Station 5 <5.5.6.4741 - Info Disclosure

CVE-2024-12917 HIGH

Health4All <10.01.2025 - Info Disclosure

CVE-2024-11629 HIGH

Telerik Document Processing <2025.1.205 - Path Traversal

CVE-2024-48019 MEDIUM

Apache Doris 2.1.0-2.1.7 - Path Traversal and Arbitrary File Read

CVE-2024-57452 HIGH

ChestnutCMS <=1.5.0 - File Deletion

CVE-2024-47106 MEDIUM

IBM Jazz for Service Management <1.1.3.22 - Info Disclosure

CVE-2024-45627 MEDIUM

Apache Linkis <1.7.0 - Info Disclosure

CVE-2024-53649 MEDIUM

SIPROTEC 5 - Authenticated Arbitrary File Read via Webserver Path Traversal

CVE-2024-47518 MEDIUM

Arista NG Firewall <= 17.1.1 - Information Disclosure via ETM

Previous Page 5 of 19 Next

Details

Vulnerabilities 474

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy