Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-552

CWE-552

Files or Directories Accessible to External Parties

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product makes files or directories accessible to unauthorized actors, even though they should not be.

474 vulnerabilities with CWE-552

CVE-2023-5907 MEDIUM

WordPress File Manager <6.3 - Privilege Escalation

CVE-2023-50164 CRITICAL

Apache Struts 2.0.0-2.5.32 - Path Traversal and Remote Code Execution via File Upload

CVE-2023-6375 MEDIUM

Tyler Technologies Court Case Management Plus - Info Disclosure

CVE-2023-39545 HIGH

CLUSTERPRO X <5.1 - Command Injection

CVE-2023-47612 MEDIUM

Telit Cinterion BGS5 EHS5/6/8 PDS5/6/8 ELS61/81 PLS62 - Unauthenticated Arbitrary File Read/Write via Physical Access

CVE-2023-42534 MEDIUM

ChooserActivity <SMR Nov-2023 Release 1 - Info Disclosure

CVE-2023-4930 MEDIUM

Front End PM WP <11.4.3 - Info Disclosure

CVE-2023-31017 HIGH

NVIDIA GPU Display Driver for Windows - Code Injection

CVE-2023-5099 HIGH

WordPress <=2.7 - Local File Inclusion

CVE-2023-5199 CRITICAL

PHP to Page < 0.3 - Authenticated Local File Inclusion to Remote Code Execution via Shortcode

CVE-2023-26580 HIGH

IDAttend's IDWeb <3.1.013 - Info Disclosure

CVE-2023-33517 HIGH

carRental 1.0 - Arbitrary File Read via Incorrect Access Control

CVE-2023-4933 MEDIUM

WP Job Openings <3.4.3 - Info Disclosure

CVE-2023-3155 HIGH

WordPress Gallery Plugin <3.39 - Info Disclosure

CVE-2023-5101 MEDIUM

SICK APU0200 Firmware < 4.0.0.6 - Unauthenticated Arbitrary File Read via HTTP Requests

CVE-2023-23366 HIGH

Music Station 5.3.0-5.3.21 - Authenticated Path Traversal

CVE-2023-23365 HIGH

QNAP Music Station 5.3.0-5.3.21 - Authenticated Path Traversal

CVE-2023-45160 HIGH

1e 1E Client - Resource File Subversion

CVE-2023-20235 MEDIUM

Cisco IOS XE < 17.3.1 - Authenticated Privilege Escalation via Docker Privileged Mode

CVE-2023-5297 LOW

Xinhu RockOA 2.3.2 - Info Disclosure

CVE-2023-43856 HIGH

Dreamer CMS v4.1.3 - Info Disclosure

CVE-2023-3712 MEDIUM

Honeywell PM43 Firmware < P10.19.050004 - Privilege Escalation via Unprotected Files or Directories

CVE-2023-4588 MEDIUM

Delinea Secret Server <11.4.000002 - Info Disclosure

CVE-2023-4743 LOW

Dreamer CMS <4.1.3 - Info Disclosure

CVE-2023-41717 MEDIUM

Zscaler Proxy <3.6.1.25 - Auth Bypass

Previous Page 9 of 19 Next

Details

Vulnerabilities 474

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy