Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-552

CWE-552

Files or Directories Accessible to External Parties

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product makes files or directories accessible to unauthorized actors, even though they should not be.

474 vulnerabilities with CWE-552

CVE-2024-43660 HIGH

Iocharger AC <24120701 - File Download

CVE-2024-52047 HIGH

Trend Micro Apex One < 14.0.13139 - Widget Local File Inclusion

CVE-2024-9945 MEDIUM

Fortra's GoAnywhere MFT <7.7.0 - Info Disclosure

CVE-2024-54099 MEDIUM

File Replacement Vuln - Info Disclosure

CVE-2024-50627 HIGH

Digi ConnectPort LTS Firmware < 1.4.12 - Privilege Escalation via File Upload

CVE-2024-51542 HIGH

ABB ASPECT <3.08.02, NEXUS Series <3.08.02, MATRIX Series <3.08.02 ...

CVE-2024-53676 CRITICAL

HPE Insight Remote Support < 7.14.0.629 - Directory Traversal and Remote Code Execution

CVE-2024-51058 MEDIUM

TCPDF < 6.7.6 - Local File Inclusion via Image Tag

CVE-2024-10403 HIGH

Brocade Fabric OS <8.2.3e2, 9.0.0-9.2.0c, 9.2.1-9.2.1a - Info Discl...

CVE-2024-10126 MEDIUM

M-Files Server <24.11 - Local File Inclusion

CVE-2024-31141 MEDIUM

Apache Kafka Clients - Improper Privilege Management

CVE-2024-52292 HIGH

Craft CMS 3.5.13-4.12.7 and 5.0.0-alpha.1-5.4.8 - Authenticated Path Traversal via dataUrl Function

CVE-2024-8535 HIGH

NetScaler ADC - Privilege Escalation

CVE-2024-48838 LOW

Dell SmartFabric OS10 Software - Info Disclosure

CVE-2024-10526 HIGH

Rapid7 Velociraptor MSI Installer <0.73.3 - Privilege Escalation

CVE-2024-48647 HIGH

Sage FRP 1000 v7.0.0 - Arbitrary File Read via URL Parameter Manipulation

CVE-2024-49359 HIGH

ZimaOS < 1.2.5 - Authenticated Directory Traversal via File API Endpoint

CVE-2024-49756 MEDIUM

AshPostgres <2.4.10 - Info Disclosure

CVE-2024-44807 MEDIUM

BurgerEditor and BurgerEditor Limited Edition < 2.25.1 - Directory Listing Information Disclosure

CVE-2024-45894 MEDIUM

BlueCMS 1.6 - Arbitrary File Deletion via file_name Parameter

CVE-2024-7107 HIGH

National Keep Cyber Security Services CyberMath <CYBM.240816253 - I...

CVE-2024-6878 CRITICAL

Eliz Software Panel <2.3.24 - Info Disclosure

CVE-2024-8655 MEDIUM

Mercury MNVR816 <2.0.1.0.5 - Info Disclosure

CVE-2024-39581 HIGH

Dell PowerScale InsightIQ <5.2 - Info Disclosure

CVE-2024-36442 HIGH

Swissphone DiCal-RED 4009 - File Access

Previous Page 6 of 19 Next

Details

Vulnerabilities 474

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy