VYPR

CWE-552

Files or Directories Accessible to External Parties

Abstraction: Base · Status: Draft

Description

The product makes files or directories accessible to unauthorized actors, even though they should not be.

Hierarchy (View 1000)

Related attack patterns (CAPEC)

CAPEC-150 · CAPEC-639

CVEs mapped to this weakness (182)

page 5 of 10
  • CVE-2025-15065 · Med · Dec 29, 2025
    risk 0.41 · cvss 6.3 · epss 0.00

    Exposure of Sensitive Information to an Unauthorized Actor, Missing Encryption of Sensitive Data, Files or Directories Accessible to External Parties vulnerability in Kings Information & Network Co. KESS Enterprise on Windows allows Privilege Escalation, Modify Existing Service,…

  • CVE-2017-2622 · Med · Jul 27, 2018
    risk 0.38 · cvss 5.9 · epss 0.00

    An accessibility flaw was found in the OpenStack Workflow (mistral) service where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information.

  • CVE-2026-40425 · Med · May 29, 2026
    risk 0.37 · cvss 5.7 · epss 0.00

    The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to authentication, potentially changing the root password.

  • CVE-2026-35440 · Med · May 12, 2026
    risk 0.36 · cvss 5.5 · epss 0.00

    Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

  • CVE-2026-32185 · Med · May 12, 2026
    risk 0.36 · cvss 5.5 · epss 0.00

    Files or directories accessible to external parties in Microsoft Teams allows an unauthorized attacker to perform spoofing locally.

  • CVE-2024-23282 · Med · Jun 10, 2024
    risk 0.36 · cvss 5.5 · epss 0.00

    The issue was addressed with improved checks. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, watchOS 10.5. A maliciously crafted email may be able to initiate FaceTime calls without user authorization.

  • CVE-2021-42744 · Med · Nov 19, 2021
    risk 0.36 · cvss 5.5 · epss 0.00

    Philips MRI 1.5T and MRI 3T Version 5.3 through 5.8.1 does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

  • CVE-2017-2621 · Med · Jul 27, 2018
    risk 0.36 · cvss 5.5 · epss 0.00

    An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1.0 and 7.0.2 where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information.

  • CVE-2017-7079 · Med · Oct 23, 2017
    risk 0.36 · cvss 5.5 · epss 0.01

    An issue was discovered in certain Apple products. iTunes before 12.7 is affected. The issue involves the "Data Sync" component. It allows attackers to access iOS backups (written by iTunes) via a crafted app.

  • CVE-2017-11829 · Med · Oct 13, 2017
    risk 0.36 · cvss 5.5 · epss 0.04

    Microsoft Windows 10 allows an elevation of privilege vulnerability when the Windows Update Delivery Optimization does not properly enforce file share permissions.

  • CVE-2015-1350 · Med · May 2, 2016
    risk 0.36 · cvss 5.5 · epss 0.00

    The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a…

  • CVE-2026-40564 · Med · May 26, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    Files or Directories Accessible to External Parties, Server-Side Request Forgery (SSRF) vulnerability in Apache Flink Kubernetes Operator. The FlinkSessionJob jarURI is currently not validated so that it points to user-owned files or addresses. This lets a user with CR…

  • CVE-2026-7817 · Med · May 11, 2026
    risk 0.35 · cvss 6.5 · epss 0.00

    Local file inclusion (LFI) and server-side request forgery (SSRF) vulnerabilities in pgAdmin 4 LLM API configuration endpoints. User-supplied api_key_file and api_url preferences were passed to the LLM provider clients without validation. An authenticated user could read…

  • CVE-2025-5273 · Med · May 29, 2025
    risk 0.35 · cvss 6.5 · epss 0.00

    All versions of the package mcp-markdownify-server are vulnerable to Files or Directories Accessible to External Parties via the get-markdown-file tool. An attacker can craft a prompt that, once accessed by the MCP host, will allow it to read arbitrary files from the host…

  • CVE-2024-44807 · Med · Oct 11, 2024
    risk 0.35 · cvss 5.3 · epss 0.01

    A directory listing issue in the baserCMS plugin in D-ZERO CO., LTD. BurgerEditor and BurgerEditor Limited Edition before 2.25.1 allows remote attackers to obtain sensitive information by exposing a list of the uploaded files.

  • CVE-2026-33380 · Med · May 13, 2026
    risk 0.34 · cvss 6.3 · epss 0.00

    A vulnerability in SQL Expressions allows an authenticated attacker to read arbitrary files from the Grafana server's filesystem. Only instances with the sqlExpressions feature toggle enabled are vulnerable.

  • CVE-2026-5335 · Med · May 4, 2026
    risk 0.34 · cvss 5.3 · epss 0.00

    The Magic Export & Import WordPress plugin before 1.2.0 stores exported CSV files at a publicly accessible location, making it possible for any visitors to leak sensitive user information.

  • CVE-2026-4900 · Med · Mar 26, 2026
    risk 0.34 · cvss 5.3 · epss 0.00

    A weakness has been identified in code-projects Online Food Ordering System 1.0. This affects an unknown part of the file /dbfood/localhost.sql. This manipulation causes files or directories accessible. The attack can be initiated remotely. The exploit has been made available to…

  • CVE-2026-4532 · Med · Mar 22, 2026
    risk 0.34 · cvss 5.3 · epss 0.00

    A security vulnerability has been detected in code-projects Simple Food Ordering System up to 1.0. Affected by this vulnerability is an unknown functionality of the file /food/sql/food.sql of the component Database Backup Handler. The manipulation leads to files or directories…

  • CVE-2025-14442 · Med · Dec 12, 2025
    risk 0.34 · cvss 5.3 · epss 0.00

    The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to sensitive information exposure due to storage of exported CSV files in a publicly accessible directory with predictable filenames in all versions up to, and including, 4.9.2. This makes…