Vulnerabilities (CVE)

Filtered by CWE-552
Total 278 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-31600 1 Hitachi 2 Vantara Pentaho, Vantara Pentaho Business Intelligence Server 2024-02-28 4.0 MEDIUM 4.3 MEDIUM
An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. They implement a series of web services using the SOAP protocol to allow scripting interaction with the backend server. An authenticated user (regardless of privileges) can list all valid usernames.
CVE-2021-44315 1 Phpgurukul 1 Bus Pass Management System 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Bus Pass Management System v1.0, Directory Listing/Browsing is enabled on the web server which allows an attacker to view the sensitive files of the application, for example: Any file which contains sensitive information of the user or server.
CVE-2022-22270 1 Google 1 Android 2024-02-28 4.3 MEDIUM 3.3 LOW
An implicit Intent hijacking vulnerability in Dialer prior to SMR Jan-2022 Release 1 allows unprivileged applications to access contact information.
CVE-2021-1512 1 Cisco 23 Catalyst Sd-wan Manager, Sd-wan Vbond Orchestrator, Sd-wan Vmanage and 20 more 2024-02-28 3.6 LOW 6.0 MEDIUM
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying file system of an affected system. This vulnerability is due to insufficient validation of the user-supplied input parameters of a specific CLI command. An attacker could exploit this vulnerability by issuing that command with specific parameters. A successful exploit could allow the attacker to overwrite the content in any arbitrary files that reside on the underlying host file system.
CVE-2021-1256 1 Cisco 1 Firepower Threat Defense 2024-02-28 3.6 LOW 6.0 MEDIUM
A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to overwrite files on the file system of an affected device by using directory traversal techniques. A successful exploit could cause system instability if important system files are overwritten. This vulnerability is due to insufficient validation of user input for the file path in a specific CLI command. An attacker could exploit this vulnerability by logging in to a targeted device and issuing a specific CLI command with crafted user input. A successful exploit could allow the attacker to overwrite arbitrary files on the file system of the affected device. The attacker would need valid user credentials on the device.
CVE-2021-24154 1 Themeeditor 1 Theme Editor 2024-02-28 4.0 MEDIUM 4.9 MEDIUM
The Theme Editor WordPress plugin before 2.6 did not validate the GET file parameter before passing it to the download_file() function, allowing administrators to download arbitrary files on the web server, such as /etc/passwd
CVE-2020-25351 1 Rconfig 1 Rconfig 2024-02-28 4.0 MEDIUM 6.5 MEDIUM
An information disclosure vulnerability in rConfig 3.9.5 has been fixed for version 3.9.6. This vulnerability allowed remote authenticated attackers to read files on the system via a crafted request sent to to the /lib/crud/configcompare.crud.php script.
CVE-2021-36763 1 Codesys 7 Control, Control Rte, Control Runtime System Toolkit and 4 more 2024-02-28 5.0 MEDIUM 7.5 HIGH
In CODESYS V3 web server before 3.5.17.10, files or directories are accessible to External Parties.
CVE-2021-32752 1 Ethercreative 1 Logs 2024-02-28 4.0 MEDIUM 4.9 MEDIUM
Ether Logs is a package that allows one to check one's logs in the Craft 3 utilities section. A vulnerability was found in versions prior to 3.0.4 that allowed authenticated admin users to access any file on the server. The vulnerability has been fixed in version 3.0.4. As a workaround, one may disable the plugin if untrustworthy sources have admin access.
CVE-2021-22769 1 Schneider-electric 2 Easergy T300, Easergy T300 Firmware 2024-02-28 4.0 MEDIUM 4.3 MEDIUM
A CWE-552: Files or Directories Accessible to External Parties vulnerability exists in Easergy T300 with firmware V2.7.1 and older that could expose files or directory content when access from an attacker is not restricted or incorrectly restricted.
CVE-2020-22124 1 Joyplus-cms Project 1 Joyplus-cms 2024-02-28 5.0 MEDIUM 7.5 HIGH
A vulnerability in the \inc\config.php component of joyplus-cms v1.6 allows attackers to access sensitive information.
CVE-2021-29024 1 Invoiceplane 1 Invoiceplane 2024-02-28 5.0 MEDIUM 7.5 HIGH
In InvoicePlane 1.5.11 a misconfigured web server allows unauthenticated directory listing and file download. Allowing an attacker to directory traversal and download files suppose to be private without authentication.
CVE-2018-10867 1 Redhat 1 Certification 2024-02-28 6.4 MEDIUM 9.1 CRITICAL
Files are accessible without restrictions from the /update/results page of redhat-certification 7 package, allowing an attacker to remove any file accessible by the apached user.
CVE-2021-36233 1 Unit4 1 Mik.starlight 2024-02-28 4.0 MEDIUM 6.5 MEDIUM
The function AdminGetFirstFileContentByFilePath in MIK.starlight 7.9.5.24363 allows (by design) an authenticated attacker to read arbitrary files from the filesystem by specifying the file path.
CVE-2021-29969 1 Mozilla 1 Thunderbird 2024-02-28 4.3 MEDIUM 5.9 MEDIUM
If Thunderbird was configured to use STARTTLS for an IMAP connection, and an attacker injected IMAP server responses prior to the completion of the STARTTLS handshake, then Thunderbird didn't ignore the injected data. This could have resulted in Thunderbird showing incorrect information, for example the attacker could have tricked Thunderbird to show folders that didn't exist on the IMAP server. This vulnerability affects Thunderbird < 78.12.
CVE-2021-21429 1 Openapi-generator 1 Openapi Generator 2024-02-28 2.1 LOW 3.3 LOW
OpenAPI Generator allows generation of API client libraries, server stubs, documentation and configuration automatically given an OpenAPI Spec. Using `File.createTempFile` in JDK will result in creating and using insecure temporary files that can leave application and system data vulnerable to attacks. OpenAPI Generator maven plug-in creates insecure temporary files during the process. The issue has been patched with `Files.createTempFile` and released in the v5.1.0 stable version.
CVE-2021-33359 1 Sensepost 1 Gowitness 2024-02-28 5.0 MEDIUM 7.5 HIGH
A vulnerability exists in gowitness < 2.3.6 that allows an unauthenticated attacker to perform an arbitrary file read using the file:// scheme in the url parameter to get an image of any file.
CVE-2021-34765 1 Cisco 1 Nexus Insights 2024-02-28 4.0 MEDIUM 4.3 MEDIUM
A vulnerability in the web UI for Cisco Nexus Insights could allow an authenticated, remote attacker to view and download files related to the web application. The attacker requires valid device credentials. This vulnerability exists because proper role-based access control (RBAC) filters are not applied to file download actions. An attacker could exploit this vulnerability by logging in to the application and then navigating to the directory listing and download functions. A successful exploit could allow the attacker to download sensitive files that should be restricted, which could result in disclosure of sensitive information.
CVE-2021-31831 1 Mcafee 1 Database Security 2024-02-28 6.5 MEDIUM 5.5 MEDIUM
Incorrect access to deleted scripts vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote authenticated attacker to gain access to signed SQL scripts which have been marked as deleted or expired within the administrative console. This access was only available through the REST API.
CVE-2021-37348 1 Nagios 1 Nagios Xi 2024-02-28 5.0 MEDIUM 7.5 HIGH
Nagios XI before version 5.8.5 is vulnerable to local file inclusion through improper limitation of a pathname in index.php.