Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-538 (文件和路径信息暴露) — Vulnerability Class 64

64 vulnerabilities classified as CWE-538 (文件和路径信息暴露). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-6160 code-projects Simple ChatBox Endpoint chatbox.sql SimpleChatbox_PHP file information disclosure — Simple ChatBox 5.3 Medium2026-04-13
CVE-2019-25706 Across DR-810 ROM-0 Unauthenticated File Disclosure — DR-810 7.5 High2026-04-12
CVE-2026-33705 Chamilo LMS has unauthenticated access to Twig template source files exposes application logic — chamilo-lms 5.3 Medium2026-04-10
CVE-2025-36051 IBM QRadar SIEM Information Disclosure — QRadar SIEM 6.2 Medium2026-03-19
CVE-2016-20024 ZKTeco ZKTime.Net 3.0.1.6 Insecure File Permissions Privilege Escalation — ZKTeco ZKTime.Net 9.8 Critical2026-03-15
CVE-2026-21672 Veeam Backup And Recovery 安全漏洞 — Backup and Replication 7.8AIHighAI2026-03-12
CVE-2026-2817 Spring Data Geode Insecure Temporary Directory Usage — Spring Data Geode 4.4 Medium2026-02-19
CVE-2020-37104 ASTPP 4.0.1 VoIP Billing - Database Backup Download — ASTPP 7.5 High2026-02-11
CVE-2025-12059 Improper Access Control in Logo Software's Logo j-Platform — Logo j-Platform 9.8 Critical2026-02-11
CVE-2025-12699 ZOLL ePCR IOS Mobile Application Insertion of Sensitive Information into Externally-Accessible File or Directory — ZOLL ePCR IOS Mobile Application 5.5 Medium2026-02-10
CVE-2025-36058 Multiple security vulnerabilities are addressed in IBM Business Automation Workflow Containers fixes December 2025 — Business Automation Workflow containers 5.5 Medium2026-01-20
CVE-2026-23838 Tandoor Recipes module allows SQLite database to be externally accessible with the default settings — nixpkgs 7.5AIHighAI2026-01-19
CVE-2021-4471 TG8 Firewall Unauthenticated User Password Disclosure — TG8 Firewall 7.5 -2025-11-14
CVE-2016-15056 Ubee EVW3226 Unauthenticated Backup File Disclosure — Ubee EVW3226 9.8 -2025-11-14
CVE-2025-11891 Shelf Planner <= 2.8.1 - Unauthenticated Information Exposure via Log Files — Shelf Planner Inventory Management for WooCommerce 5.3 Medium2025-11-11
CVE-2025-46602 Dell SupportAssist OS Recovery 安全漏洞 — SupportAssist OS Recovery 4.4 Medium2025-10-27
CVE-2025-11079 Campcodes Farm Management System file information disclosure — Farm Management System 5.3 Medium2025-09-27
CVE-2025-57734 JetBrains TeamCity 安全漏洞 — TeamCity 4.3 Medium2025-08-20
CVE-2025-8452 Unauthenticated leak of sensitive information affecting multiple models from Brother Industries, Ltd., Toshiba Tec, and Konica Minolta, Inc. — DCP-L8410CDW 4.3 Medium2025-08-12
CVE-2024-51977 Unauthenticated leak of sensitive information affecting multiple models from Brother Industries, Ltd., FUJIFILM Business Innovation, Ricoh, Toshiba Tec, and Konica Minolta, Inc. — HL-L8260CDN 5.3 Medium2025-06-25
CVE-2025-20665 MediaTek Chipsets 安全漏洞 — MT6580, MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6983, MT6985, MT8175, MT8195, MT8196, MT8321, MT8365, MT8370, MT8385, MT8390, MT8395, MT8666, MT8667, MT8673, MT8678, MT8765, MT8766, MT8768, MT8771, MT8775, MT8781, MT8786, MT8788, MT8788E, MT8789, MT8791T, MT8795T, MT8796, MT8797, MT8798, MT8893 5.5AIMediumAI2025-05-05
CVE-2025-31421 WordPress Srbtranslatin plugin <= 3.2.0 - Sensitive Data Exposure vulnerability — Srbtranslatin 7.5AIHighAI2025-04-04
CVE-2025-31558 WordPress TailPress plugin <= 0.4.4 - Sensitive Data Exposure vulnerability — TailPress 7.5AIHighAI2025-04-03
CVE-2025-31550 WordPress WP-LESS plugin <= 1.9.6 - Sensitive Data Exposure vulnerability — WP-LESS 7.5 -2025-04-01
CVE-2025-27017 Apache NiFi: Potential Insertion of MongoDB Password in Provenance Record — Apache NiFi 6.5 -2025-03-12
CVE-2025-27150 Tuleap dumps the Redis password into the generated troubleshooting archives — tuleap 5.3 Medium2025-03-04
CVE-2025-22633 WordPress Give – Divi Donation Modules plugin <= 2.0.0 - Sensitive Data Exposure vulnerability — Give – Divi Donation Modules 7.5 -2025-02-23
CVE-2025-24689 WordPress Import and export users and customers plugin 1.27.12 - Sensitive Data Exposure vulnerability — Import and export users and customers 5.9 Medium2025-01-27
CVE-2025-22773 WordPress Htaccess File Editor <= 1.0.19 - Broken Authentication vulnerability — Htaccess File Editor 7.5 -2025-01-15
CVE-2024-6880 CSRF in MegaBIP — MegaBIP 9.1 -2025-01-10

Vulnerabilities classified as CWE-538 (文件和路径信息暴露) represent 64 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.