VYPR

CWE-552

Files or Directories Accessible to External Parties

Base · Draft

Description

The product makes files or directories accessible to unauthorized actors, even though they should not be.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-150 · CAPEC-639

CVEs mapped to this weakness (182)

page 3 of 10
  • CVE-2026-35169 · High · Apr 8, 2026
    risk 0.50 · cvss 8.7 · epss 0.00

    LORIS (Longitudinal Online Research and Imaging System) is a self-hosted web application that provides data- and project-management for neuroimaging research. From to before 27.0.3 and 28.0.1, the help_editor module of LORIS did not properly sanitize some user supplied…

  • CVE-2023-5099 · High · Oct 31, 2023
    risk 0.50 · cvss 8.8 · epss 0.01

    The HTML filter and csv-file search plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 2.7 via the 'src' attribute of the 'csvsearch' shortcode. This allows authenticated attackers, with contributor-level permissions and above, to…

  • CVE-2026-39871 · High · May 11, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    A path handling issue was addressed with improved logic. This issue is fixed in macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to observe unprotected user data.

  • CVE-2025-69428 · High · Apr 27, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    An issue in Pro-Bit before v1.77.4 allows unauthenticated attackers to directly access a sensitive directory and its subdirectories.

  • CVE-2018-25164 · High · Mar 6, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    EverSync 0.5 contains an arbitrary file download vulnerability that allows unauthenticated attackers to access sensitive files by requesting them directly from the files directory. Attackers can send GET requests to the files directory to download database files like db.sq3…

  • CVE-2019-25239 · High · Dec 24, 2025
    risk 0.49 · cvss 7.5 · epss 0.00

    V-SOL GPON/EPON OLT Platform 2.03 contains an unauthenticated information disclosure vulnerability that allows attackers to download configuration files via direct object reference. Attackers can retrieve sensitive configuration data by sending HTTP GET requests to the…

  • CVE-2024-43660 · High · Jan 9, 2025
    risk 0.49 · cvss 7.5 · epss 0.01

    The CGI script .sh can be used to download any file on the filesystem. This issue affects Iocharger firmware for AC model chargers before version 24120701. Likelihood: High, but credentials required. Impact: Critical – The script can be used to download any file on…

  • CVE-2024-7107 · High · Sep 26, 2024
    risk 0.49 · cvss 7.5 · epss 0.00

    Files or Directories Accessible to External Parties vulnerability in National Keep Cyber Security Services CyberMath allows Collect Data from Common Resource Locations. This issue affects CyberMath: before CYBM.240816253.

  • CVE-2024-7729 · High · Aug 14, 2024
    risk 0.49 · cvss 7.5 · epss 0.01

    The CAYIN Technology CMS lacks proper access control, allowing unauthenticated remote attackers to download arbitrary CGI files.

  • CVE-2024-2759 · High · Apr 4, 2024
    risk 0.49 · cvss 7.5 · epss 0.01

    Improper access control vulnerability in Apaczka plugin for PrestaShop allows information gathering from saved templates without authentication. This issue affects Apaczka plugin for PrestaShop from v1 through v4.

  • CVE-2024-2052 · High · Mar 18, 2024
    risk 0.49 · cvss 7.5 · epss 0.01

    CWE-552: Files or Directories Accessible to External Parties vulnerability exists that could allow unauthenticated files and logs exfiltration and download of files when an attacker modifies the URL to download to a different location.

  • CVE-2023-1246 · High · Mar 10, 2023
    risk 0.49 · cvss 7.5 · epss 0.01

    Files or Directories Accessible to External Parties vulnerability in Saysis Starcities allows Collect Data from Common Resource Locations. This issue affects Starcities: through 1.3.

  • CVE-2018-10869 · High · Jul 19, 2018
    risk 0.49 · cvss 7.5 · epss 0.03

    redhat-certification does not properly restrict files that can be downloaded through the /download page. A remote attacker may download any file accessible by the user running httpd.

  • CVE-2018-5112 · High · Jun 11, 2018
    risk 0.49 · cvss 7.5 · epss 0.02

    Development Tools panels of an extension are required to load URLs for the panels as relative URLs from the extension manifest file but this requirement was not enforced in all instances. This could allow the development tools panel for the extension to load a URL that it should…

  • CVE-2017-12079 · High · Dec 4, 2017
    risk 0.49 · cvss 7.5 · epss 0.02

    Files or directories accessible to external parties vulnerability in picasa.php in Synology Photo Station before 6.8.1-3458 and before 6.3-2970 allows remote attackers to obtain arbitrary files via prog_id field.

  • CVE-2017-2551 · High · Sep 28, 2017
    risk 0.49 · cvss 7.5 · epss 0.02

    Vulnerability in Wordpress plugin BackWPup before v3.4.2 allows possible brute forcing of backup file for download.

  • CVE-2017-11746 · High · Jul 30, 2017
    risk 0.49 · cvss 7.5 · epss 0.01

    Tenshi 0.15 creates a tenshi.pid file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for tenshi.pid modification before a root script executes a "kill `cat…

  • CVE-2025-59054 · High · Sep 12, 2025
    risk 0.48 · cvss (not listed) · epss 0.00

    dstack is a software development kit (SDK) to simplify the deployment of arbitrary containerized apps into trusted execution environments. In versions of dstack prior to 0.5.4, a malicious host may provide a crafted LUKS2 data volume to a dstack CVM for use as the `/data` mount.…

  • CVE-2024-56462 · High · May 27, 2026
    risk 0.47 · cvss 7.2 · epss 0.00

    IBM QRadar 7.5.0 through 7.5.0 UP15 Interim Fix 002 could allow a privileged user to upload a malicious backup archive that could be restored and used to gain access to the underlying operating system.

  • CVE-2025-58356 · High · Oct 27, 2025
    risk 0.47 · cvss (not listed) · epss 0.00

    Constellation is the first Confidential Kubernetes. The Constellation CVM image uses LUKS2-encrypted volumes for persistent storage. When opening an encrypted storage device, the CVM uses the libcryptsetup function crypt_activate_by_passphrase. If the VM is successful in opening…