Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-552

CWE-552

Files or Directories Accessible to External Parties

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product makes files or directories accessible to unauthorized actors, even though they should not be.

474 vulnerabilities with CWE-552

CVE-2024-41699 MEDIUM

Priority < 24.0 - Unauthenticated Arbitrary File Read

CVE-2024-7729 HIGH

CAYIN Technology CMS - Info Disclosure

CVE-2024-3913 MEDIUM

Phoenixcontact Phoenix Contact CHARX SEC-3000/3050/3100/3150 Firmware <= 1.6.3 - Unauthenticated Configuration Change

CVE-2024-38876 HIGH

Omnivise T3000 - Authenticated Privilege Escalation via User-Modifiable Code Execution

CVE-2024-27182 MEDIUM

Apache Linkis <=1.5.0 - Privilege Escalation

CVE-2024-38429 HIGH

Matrix Tafnit < 8.4.202 - Files or Directories Accessible to External Parties

CVE-2024-40767 MEDIUM

OpenStack Nova <27.4.1,28.2.1,29.1.1 - Info Disclosure

CVE-2024-6911 HIGH

PerkinElmer ProcessPlus <1.11.6507.0 - Info Disclosure

CVE-2024-6421 HIGH

Pepperl+Fuchs OIT Series Firmware <= 2.11.0 - Information Disclosure via FTP

CVE-2024-6209 CRITICAL

ABB ASPECT - Enterprise <3.08.01 - Info Disclosure

CVE-2024-32498 MEDIUM

OpenStack <24.0.0, <28.0.2, <29.0.3 - Info Disclosure

CVE-2024-39931 CRITICAL

Gogs < 0.13.0 - Unauthenticated Arbitrary File Deletion

CVE-2024-4836 HIGH

Edito CMS 3.5-3.25 - Unauthenticated Sensitive Data Exposure via Configuration File Download

CVE-2024-0949 CRITICAL

Talya Informatics Elektraweb <17.0.68 - Auth Bypass

CVE-2024-4098 CRITICAL

Shariff Wrapper <= 4.6.13 - Unauthenticated Local File Inclusion via shariff3uu_fetch_sharecounts

CVE-2024-5056 MEDIUM

Modicon M340 Firmware - Files or Directories Accessible to External Parties

CVE-2024-23282 MEDIUM

iPadOS < 16.7.8 and 17.5 - Unauthorized FaceTime Call Initiation via Malicious Email

CVE-2024-5262 CRITICAL

ProjectDiscovery Interactsh - Path Traversal

CVE-2024-5587 MEDIUM

Casdoor < 1.335.0 - Unauthenticated Sensitive File Exposure via Configuration File Handler

CVE-2024-3564 HIGH

Content Blocks (Custom Post Widget) <3.3.0 - Code Injection

CVE-2024-5045 MEDIUM

SourceCodester Online Birth Certificate Management System 1.0 - Inf...

CVE-2024-35183 MEDIUM

wolfictl < 0.16.10 - GitHub Token Exposure to Untrusted Remote Servers

CVE-2024-3037 HIGH

PaperCut NG/MF < 23.0.9 - Arbitrary File Deletion via Web Print

CVE-2024-34066 HIGH

Pterodactyl Wings < 1.11.12 - Arbitrary File Read and Write via Leaked Token

CVE-2024-2759 HIGH

Apaczka v1-v4 - Unauthenticated Information Disclosure via Saved Templates

Previous Page 7 of 19 Next

Details

Vulnerabilities 474

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy