Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-538 (文件和路径信息暴露) — Vulnerability Class 64

64 vulnerabilities classified as CWE-538 (文件和路径信息暴露). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-0194 Insertion of Sensitive Information into Externally-Accessible File or Directory in GitLab — GitLab 6.5 Medium2025-01-08
CVE-2025-22306 WordPress Link Whisper Free plugin <= 0.7.7 - Sensitive Data Exposure vulnerability — Link Whisper Free 5.3 Medium2025-01-07
CVE-2024-47580 Multiple vulnerabilities in SAP NetWeaver AS for JAVA(Adobe Document Services) — SAP NetWeaver AS for JAVA (Adobe Document Services) 6.8 Medium2024-12-10
CVE-2024-47579 Multiple vulnerabilities in SAP NetWeaver AS for JAVA(Adobe Document Services) — SAP NetWeaver AS for JAVA (Adobe Document Services) 6.8 Medium2024-12-10
CVE-2022-43933 configuration secrets are logged in support-save — SANnav 4.4 Medium2024-11-21
CVE-2023-7062 Advanced File Manager Shortcodes <= 2.4 - Authenticated (Contributor+) Directory Traversal — Advanced File Manager Shortcodes 8.8 High2024-07-10
CVE-2023-5937 Sensitive data exfiltration via unsafe permissions on Windows systems in Arc before v1.6.0 — Arc 3.8 Low2024-05-15
CVE-2024-22045 Siemens SINEMA Remote Connect 安全漏洞 — SINEMA Remote Connect Client 7.6 High2024-03-12
CVE-2024-22433 Dell Data Protection Search 安全漏洞 — Data Protection Search 8.8 High2024-02-01
CVE-2024-0191 RRJ Nueva Ecija Engineer Online Portal file information disclosure — Nueva Ecija Engineer Online Portal 5.3 Medium2024-01-02
CVE-2023-4595 Insertion of Sensitive Information into Externally-Accessible File or Directory in BVRP Software SLmail — SLmail 7.5 High2023-11-23
CVE-2023-46723 lte-pic32-writer's sendto.txt may disclose URL and the API key — lte-pic32-writer 8.9 High2023-10-31
CVE-2022-4318 Cri-o: /etc/passwd tampering privesc — Red Hat OpenShift Container Platform 4.11 7.8 High2023-09-25
CVE-2023-38558 Siemens SIMATIC 安全漏洞 — SIMATIC PCS neo (Administration Console) V4.0 5.5 Medium2023-09-14
CVE-2023-4480 Arbitrary File Read in Fusion File Manager — PHPFusion 5.5 Medium2023-09-05
CVE-2023-28444 angular-server-side-configuration information disclosure vulnerability in monorepo with node.js backend — angular-server-side-configuration 9.9 Critical2023-03-24
CVE-2022-26329 File existence disclosue vulnerability in IDM plugin — NetIQ Identity Manager 1.8 Low2023-01-24
CVE-2022-44623 JetBrains TeamCity 安全漏洞 — TeamCity 6.5 Medium2022-11-03
CVE-2022-20864 Cisco IOS XE ROM Monitor Software for Catalyst Switches Information Disclosure Vulnerability — Cisco IOS XE Software 4.6 Medium2022-10-10
CVE-2021-40363 Siemens SIMATIC PCS 7和SIMATIC WinCC 授权问题漏洞 — SIMATIC PCS 7 V8.2 7.8 -2022-02-09
CVE-2022-0013 Cortex XDR Agent: File Information Exposure Vulnerability When Generating Support File — Cortex XDR Agent 5.0 Medium2022-01-12
CVE-2021-3709 Apport file permission bypass through emacs byte compilation errors — apport 6.5 Medium2021-10-01
CVE-2021-32822 File disclosure in hbs — hbs 4.0 Medium2021-08-16
CVE-2021-1406 Cisco Unified Communications Manager Information Disclosure Vulnerability — Cisco Unified Communications Manager 4.9 Medium2021-04-08
CVE-2021-21250 Post-Auth External Entity Expansion (XXE) — onedev 7.7 High2021-01-15
CVE-2019-15793 Mishandling of file-system uid/gid with namespaces in shiftfs — Shiftfs in the Linux kernel 6.5 Medium2020-04-23
CVE-2019-6851 多款Schneider产品信息泄露漏洞 — Modicon M580, Modicon M340, Modicon Premium , Modicon Quantum (all firmware versions) 7.5 -2019-10-29
CVE-2019-7618 Elastic Code 路径遍历漏洞 — Elastic Code 5.5 -2019-10-01
CVE-2019-12623 Cisco Enterprise Network Functions Virtualization Infrastructure Software File Enumeration Vulnerability — Cisco Enterprise NFV Infrastructure Software 4.3 -2019-08-21
CVE-2018-4847 Siemens SIMATIC WinCC OA Operator iOS App 安全漏洞 — SIMATIC WinCC OA Operator iOS App 4.6 -2018-04-23

Vulnerabilities classified as CWE-538 (文件和路径信息暴露) represent 64 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.