Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-552 (对外部实体的文件或目录可访问) — Vulnerability Class 198

198 vulnerabilities classified as CWE-552 (对外部实体的文件或目录可访问). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-49198 Apache SeaTunnel Web: Arbitrary file read vulnerability — Apache SeaTunnel Web 7.5AIHighAI2024-08-21
CVE-2024-41699 Priority – CWE-552: Files or Directories Accessible to External Parties — Priority 4.4 Medium2024-08-20
CVE-2024-7729 CAYIN Technology CMS - Sensitive File Download — SMP-2100 7.5 High2024-08-14
CVE-2024-3913 Phoenix Contact: Start sequence allows attack during the boot process — CHARX SEC-3000 (1139022) 5.9 Medium2024-08-13
CVE-2024-38876 Siemens多款产品 安全漏洞 — Omnivise T3000 Application Server R9.2 7.8 High2024-08-02
CVE-2024-27182 Apache Linkis Basic management services: Engine material management Arbitrary file deletion vulnerability — Apache Linkis Basic management services 6.5AIMediumAI2024-08-02
CVE-2024-38429 Matrix - CWE-552: Files or Directories Accessible to External Parties — Tafnit v8 7.5 High2024-07-30
CVE-2024-6911 Unauthenticated Local File Inclusion — ProcessPlus 7.5AIHighAI2024-07-22
CVE-2023-41916 Apache Linkis DataSource: DatasourceManager module has a JDBC parameter judgment logic vulnerability that allows for arbitrary file reading — Apache Linkis DataSource 6.5 -2024-07-15
CVE-2024-6421 Pepperl+Fuchs: Incorrectly configured FTP-Server in OIT Products — OIT1500-F113-B12-CB 7.5 High2024-07-10
CVE-2024-6209 unauthorized file access — ASPECT-Enterprise 10.0 Critical2024-07-05
CVE-2024-4836 LFI in sites managed by Edito CMS — Edito CMS 7.5 High2024-07-02
CVE-2024-5056 Schneider Electric Modicon M340 安全漏洞 — Modicon M340 6.5 Medium2024-06-12
CVE-2024-5262 ProjectDiscovery Interactsh - Files or Directories Accessible to External Parties — Interactsh 9.1AICriticalAI2024-06-05
CVE-2024-5587 Casdoor Configuration File app.conf file access — Casdoor 5.3 Medium2024-06-02
CVE-2024-5045 SourceCodester Online Birth Certificate Management System admin file access — Online Birth Certificate Management System 5.3 Medium2024-05-17
CVE-2024-35183 wolfictl leaks GitHub tokens to remote non-GitHub git servers — wolfictl 4.4 Medium2024-05-15
CVE-2024-34066 Arbitrary File Write/Read in Pterodactyl wings — wings 8.5 High2024-05-03
CVE-2023-39480 Softing Secure Integration Server FileDirectory OPC UA Object Arbitrary File Creation Vulnerability — Secure Integration Server 8.1 -2024-05-03
CVE-2023-39479 Softing Secure Integration Server OPC UA Gateway Directory Creation Vulnerability — Secure Integration Server 6.5 -2024-05-03
CVE-2023-48710 iTop limit pages/exec.php script to PHP files — iTop 9.8 Critical2024-04-15
CVE-2024-2759 Improper access control in Apaczka plugin for PrestaShop — Apaczka 5.3 -2024-04-04
CVE-2024-2052 Schneider Electric Easergy T200 安全漏洞 — Easergy T200 (Modbus) Models: T200I, T200E, T200P, T200S, T200H 7.5 High2024-03-18
CVE-2023-45594 AiLux imx6 安全漏洞 — imx6 bundle 6.8 Medium2024-03-05
CVE-2024-21403 Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability — Azure Kubernetes Service 9.0 Critical2024-02-13
CVE-2024-1005 Shanxi Diankeyun Technology NODERP log file access — NODERP 5.3 Medium2024-01-29
CVE-2023-48661 Dell Virtual Appliance Manager 安全漏洞 — vApp Manager 4.9 Medium2023-12-14
CVE-2023-50164 Apache Struts: File upload component had a directory traversal vulnerability — Apache Struts 9.8 -2023-12-07
CVE-2023-6375 Tyler Technologies Magistrate Court Case Management Plus stores backups insecurely — Court Case Management Plus 5.3 Medium2023-11-30
CVE-2023-39545 NEC Expresscluster X 安全漏洞 — CLUSTERPRO X (EXPRESSCLUSTER X) 8.8 -2023-11-17

Vulnerabilities classified as CWE-552 (对外部实体的文件或目录可访问) represent 198 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.