VYPR

CWE-552

Files or Directories Accessible to External Parties

Abstraction: Base · Status: Draft

Description

The product makes files or directories accessible to unauthorized actors, even though they should not be.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-150 · CAPEC-639

CVEs mapped to this weakness (182)

page 2 of 10
  • CVE-2024-4098 · Critical · Jun 20, 2024
    risk 0.57 · CVSS 9.8 · EPSS 0.01

    The Shariff Wrapper plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 4.6.13 via the shariff3uu_fetch_sharecounts function. This allows unauthenticated attackers to include and execute arbitrary files on the server, allowing the…

  • CVE-2024-3564 · High · Jun 1, 2024
    risk 0.57 · CVSS 8.8 · EPSS 0.01

    The Content Blocks (Custom Post Widget) plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.3.0 via the plugin's 'content_block' shortcode. This makes it possible for authenticated attackers, with contributor-level access and above,…

  • CVE-2018-1079 · High · Apr 12, 2018
    risk 0.57 · CVSS 8.7 · EPSS 0.01

    pcs before version 0.9.164 and 0.10 is vulnerable to a privilege escalation via authorized user malicious REST call. The REST interface of the pcsd service did not properly sanitize the file name from the /remote/put_file query. If the /etc/booth directory exists, an…

  • CVE-2016-3715 · Medium · KEV · May 5, 2016
    risk 0.57 · CVSS 5.5 · EPSS 0.75

    The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image.

  • CVE-2024-10526 · High · Nov 7, 2024
    risk 0.56 · CVSS n/a · EPSS 0.00

    Rapid7 Velociraptor MSI Installer versions below 0.73.3 suffer from a vulnerability whereby it creates the installation directory with WRITE_DACL permission to the BUILTIN\Users group. This allows local users who are not administrators to grant themselves the Full Control…

  • CVE-2015-5211 · Critical · May 25, 2017
    risk 0.56 · CVSS 9.6 · EPSS 0.03

    Under some situations, the Spring Framework 4.2.0 to 4.2.1, 4.0.0 to 4.1.7, 3.2.0 to 3.2.14 and older unsupported versions is vulnerable to a Reflected File Download (RFD) attack. The attack involves a malicious user crafting a URL with a batch script extension that results in…

  • CVE-2023-29080 · High · Jan 30, 2025
    risk 0.55 · CVSS n/a · EPSS 0.00

    Potential privilege escalation vulnerability in Revenera InstallShield versions 2022 R2 and 2021 R2 due to adding InstallScript custom action to a Basic MSI or InstallScript MSI project extracting few binaries to a predefined writable folder during installation time. The…

  • CVE-2024-12917 · High · Feb 24, 2025
    risk 0.54 · CVSS 8.3 · EPSS 0.00

    Files or Directories Accessible to External Parties vulnerability in Agito Computer Health4All allows Exploiting Incorrectly Configured Access Control Security Levels, Authentication Abuse. This issue affects Health4All: before 10.01.2025.

  • CVE-2024-4836 · High · Jul 2, 2024
    risk 0.54 · CVSS 7.5 · EPSS 0.03

    Web services managed by Edito CMS (Content Management System) in versions from 3.5 through 3.25 leak sensitive data as they allow downloading configuration files by an unauthenticated user. The issue in versions 3.5 - 3.25 was removed in releases which dates from 10th of January…

  • CVE-2025-7389 · High · Apr 14, 2026
    risk 0.53 · CVSS n/a · EPSS 0.00

    A vulnerability in the AdminServer component of OpenEdge on all supported platforms grants its authenticated users OS-level access to the server through the adopted authority of the AdminServer process itself. The delegated authority of the AdminServer could allow its users…

  • CVE-2026-34361 · Critical · Mar 31, 2026
    risk 0.53 · CVSS 9.3 · EPSS 0.00

    HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to version 6.9.4, the FHIR Validator HTTP service exposes an unauthenticated "/loadIG" endpoint that makes outbound HTTP requests to attacker-controlled URLs. Combined…

  • CVE-2025-11959 · High · Nov 11, 2025
    risk 0.53 · CVSS 8.1 · EPSS 0.00

    Files or Directories Accessible to External Parties, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Premierturk Information Technologies Inc. Excavation Management Information System allows Footprinting, Functionality Misuse. This issue…

  • CVE-2023-41566 · High · Jul 17, 2025
    risk 0.53 · CVSS 8.1 · EPSS 0.00

    OA EKP v16 was discovered to contain an arbitrary download vulnerability via the component /ui/sys_ui_extend/sysUiExtend.do. This vulnerability allows attackers to obtain the password of the background administrator and further obtain database permissions.

  • CVE-2026-45721 · Critical · May 26, 2026
    risk 0.52 · CVSS 9.0 · EPSS 0.00

    Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is asked for any URL path that resolves to a directory without an index file, DirPage walks upward through parent directories — past the configured server root — looking for a file named…

  • CVE-2026-40484 · Critical · Apr 18, 2026
    risk 0.52 · CVSS 9.1 · EPSS 0.01

    ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the database backup restore functionality extracts uploaded archive contents and copies files from the Images/ directory into the web-accessible document root using recursiveCopyDirectory(), which…

  • CVE-2018-16946 · High · Sep 12, 2018
    risk 0.52 · CVSS 7.5 · EPSS 0.09

    LG LNB*, LND*, LNU*, and LNV* smart network camera devices have broken access control. Attackers are able to download /updownload/t.report (aka Log & Report) files and download backup files (via download.php) without authenticating. These backup files contain user credentials…

  • CVE-2025-23276 · High · Aug 2, 2025
    risk 0.51 · CVSS 7.8 · EPSS 0.00

    NVIDIA Installer for Windows contains a vulnerability where an attacker may be able to escalate privileges. A successful exploit of this vulnerability may lead to escalation of privileges, denial of service, code execution, information disclosure and data tampering.

  • CVE-2025-49797 · High · Jun 25, 2025
    risk 0.51 · CVSS 7.8 · EPSS 0.00

    Multiple Brother driver installers for Windows contain a privilege escalation vulnerability. If exploited, an arbitrary program may be executed with the administrative privilege. As for the details of affected product names, model numbers, and versions, refer to the information…

  • CVE-2025-2222 · High · Apr 9, 2025
    risk 0.51 · CVSS 7.8 · EPSS 0.00

    CWE-552: Files or Directories Accessible to External Parties vulnerability over https exists that could leak information and allow potential privilege escalation following a man-in-the-middle attack.

  • CVE-2023-6266 · High · Jan 11, 2024
    risk 0.51 · CVSS 7.5 · EPSS 0.02

    The Backup Migration plugin for WordPress is vulnerable to unauthorized access of data due to insufficient path and file validation on the BMI_BACKUP case of the handle_downloading function in all versions up to, and including, 1.3.6. This makes it possible for unauthenticated…
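Most of the entries on this page reduce to one of a few shapes: a request path joined onto a document root without confinement (the Algernon parent-directory walk, the Backup Migration and pcsd file-name checks), symlinks or copies that pull files into or out of the served tree, and config or backup files handed to unauthenticated callers (Edito CMS, the LG cameras). The following is an added example, not code from VYPR or from any project listed above. It builds a constructed directory tree and runs the bare CWE-552 handler and a hardened one against the same requests. The `PUBLIC_DIRS` allow-list and the `build_sandbox` layout are assumptions made for the example.

```python
import os
import tempfile
from pathlib import Path
from typing import Optional

# Assumption for this example: only these top-level directories under the
# document root are public; anything else requires an authenticated caller.
PUBLIC_DIRS = {"img"}


def build_sandbox() -> Path:
    """Create a constructed tree (not a real deployment): a document root
    holding a public image, a config file and a symlink that points outside
    the root, plus a secret file one level above the root. Returns the root."""
    base = Path(tempfile.mkdtemp(prefix="cwe552-"))
    root = base / "htdocs"
    (root / "img").mkdir(parents=True)
    (root / "img" / "logo.txt").write_bytes(b"public")
    (root / "config.ini").write_bytes(b"db_password=secret")
    (base / "secret.txt").write_bytes(b"outside root")
    os.symlink(base / "secret.txt", root / "link.txt")
    return root


def serve_unsafe(root: Path, requested: str) -> Optional[bytes]:
    """The CWE-552 pattern: the request path is joined onto the root with no
    canonicalisation, confinement or access check. '..' walks above the root,
    an absolute path replaces the root entirely (pathlib join semantics), a
    symlink inside the root is followed wherever it points, and config files
    sitting in the root are served to anyone."""
    target = root / requested
    return target.read_bytes() if target.is_file() else None


def serve_safe(root: Path, requested: str, authenticated: bool = False) -> Optional[bytes]:
    """Hardened form: canonicalise both sides, require the resolved target to
    be strictly below the resolved root (this also defeats symlink escapes and
    absolute paths), and require authentication for anything outside the
    public directories."""
    root = root.resolve()
    target = (root / requested).resolve()
    if root not in target.parents:          # confinement: '..' , symlinks, absolute paths
        return None
    if not target.is_file():
        return None
    top = target.relative_to(root).parts[0]
    if top not in PUBLIC_DIRS and not authenticated:
        return None                         # config/backup material needs a login
    return target.read_bytes()


if __name__ == "__main__":
    root = build_sandbox()
    for path in ("img/logo.txt", "config.ini", "../secret.txt", "link.txt"):
        print(f"{path!r:16} unsafe={serve_unsafe(root, path)!r:22} safe={serve_safe(root, path)!r}")
```

Run it directly to see both handlers side by side. The `resolve()` on both sides is what makes the confinement check meaningful: comparing the raw request string against the root catches only the literal `..` case and misses symlinks and absolute paths. The Windows installer entries above (Velociraptor, InstallShield, NVIDIA, Brother) are the same weakness expressed as a filesystem ACL rather than a request path, and are found by auditing directory DACLs, not by path handling.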