Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-610 (资源在另一范围的外部可控制索引) — Vulnerability Class 44

44 vulnerabilities classified as CWE-610 (资源在另一范围的外部可控制索引). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-0522 Local File Inclusion in the File Upload/Download Process — VertiGIS FM 8.8AIHighAI2026-04-01
CVE-2026-32008 OpenClaw < 2026.2.21 - Arbitrary Local File Read via Browser Navigation Guard — OpenClaw 6.5 Medium2026-03-19
CVE-2026-28722 Acronis Cyber Protect 安全漏洞 — Acronis Cyber Protect 17 7.8 -2026-03-05
CVE-2026-28721 Acronis Cyber Protect 安全漏洞 — Acronis Cyber Protect 17 7.8 -2026-03-05
CVE-2025-9065 Rockwell Automation ThinManager® Server-Side Request Forgery Vulnerability — ThinManager 9.6AICriticalAI2025-09-09
CVE-2025-48963 Acronis Cyber Protect Cloud Agent 安全漏洞 — Acronis Cyber Protect Cloud Agent 7.8 -2025-08-28
CVE-2015-10142 Sitecore XP < 8.0 and CMS < 7.2 and < 7.5 File Read via Known Path — Experience Platform (XP) 7.5 -2025-07-25
CVE-2025-2875 Schneider Electric多款产品 安全漏洞 — Modicon Controllers M241 / M251 7.5 High2025-05-14
CVE-2024-13177 Symlink Following in Netskope Client Postinstall Script — Netskope Client 7.8AIHighAI2025-04-15
CVE-2022-23439 Fortinet多款产品 安全漏洞 — FortiTester 4.1 Medium2025-01-22
CVE-2025-22144 Account Takeover in NamelessMC — Nameless 8.1 -2025-01-13
CVE-2024-42168 HCL MyXalytics is affected by out-of-band resource load (HTTP) vulnerability — DRYiCE MyXalytics 8.9 High2025-01-11
CVE-2024-52792 Arbitrary config values override in lam — lam 6.5 Medium2024-12-17
CVE-2024-47773 Anonymous cache poisoning via XHR requests in Discourse — discourse 8.2 High2024-10-08
CVE-2024-45826 ThinManager® Code Execution Vulnerability — ThinManager 6.8 Medium2024-09-12
CVE-2024-7625 Nomad Vulnerable to Allocation Directory Escape On Non-Existing File Paths Through Archive Unpacking — Nomad 5.8 Medium2024-08-14
CVE-2024-6079 DLL Hijacking Vulnerability Exists in Rockwell Automation Emulate3D™ — Emulate3D™ 7.8AIHighAI2024-08-13
CVE-2024-28962 Dell Update和Dell Alienware Update 安全漏洞 — Dell Update (DU) 6.5 Medium2024-08-06
CVE-2024-29069 snapd will follow archived symlinks when unpacking a filesystem — snapd 4.8 Medium2024-07-25
CVE-2024-6717 Nomad Vulnerable to Allocation Directory Path Escape Through Archive Unpacking — Nomad 7.7 High2024-07-23
CVE-2024-32980 Spin contains a potential network sandbox escape for specifically configured Spin applications — spin 9.1 Critical2024-05-08
CVE-2024-24818 EspoCRM weakness in "Forgot password" — espocrm 5.9 Medium2024-02-29
CVE-2024-24760 Mailcow Docker Container Exposure to Local Network — mailcow-dockerized 8.8 High2024-02-02
CVE-2023-4089 WAGO: Multiple products vulnerable to local file inclusion — Compact Controller CC100 2.7 Low2023-10-17
CVE-2023-44209 Acronis Agent 安全漏洞 — Acronis Cyber Protect Cloud Agent 7.8 -2023-10-04
CVE-2022-46869 Acronis Cyber Protect 后置链接漏洞 — Acronis Cyber Protect Home Office 7.8 -2023-08-31
CVE-2022-46868 Acronis Cyber Protect 安全漏洞 — Acronis Cyber Protect Home Office 7.8 -2023-08-31
CVE-2023-37855 PHOENIX CONTACT: Unauthorized read-access of root filesystem in WP 6xxx Web panels — WP 6070-WVPS 4.3 Medium2023-08-09
CVE-2023-37856 PHOENIX CONTACT: Unauthorized read-access of root filesystem in WP 6xxx Web panels — WP 6070-WVPS 4.3 Medium2023-08-09
CVE-2023-38046 PAN-OS: Read System Files and Resources During Configuration Commit — PAN-OS 5.5 Medium2023-07-12

Vulnerabilities classified as CWE-610 (资源在另一范围的外部可控制索引) represent 44 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.