Common Weakness Enumeration

CWE-552

Allowed

Files or Directories Accessible to External Parties

Abstraction: Base · Status: Draft

The product makes files or directories accessible to unauthorized actors, even though they should not be.

670 vulnerabilities reference this CWE, most recent first.

GHSA-RX6G-PR26-7GXJ

Vulnerability from github – Published: 2024-06-10 21:30 – Updated: 2026-04-02 21:31
VLAI
Details

The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5, watchOS 10.5, iOS 17.5 and iPadOS 17.5, iOS 16.7.8 and iPadOS 16.7.8. A maliciously crafted email may be able to initiate FaceTime calls without user authorization.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-23282"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-552"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-10T21:15:49Z",
    "severity": "MODERATE"
  },
  "details": "The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.5, watchOS 10.5, iOS 17.5 and iPadOS 17.5, iOS 16.7.8 and iPadOS 16.7.8. A maliciously crafted email may be able to initiate FaceTime calls without user authorization.",
  "id": "GHSA-rx6g-pr26-7gxj",
  "modified": "2026-04-02T21:31:44Z",
  "published": "2024-06-10T21:30:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23282"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/120898"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/120902"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/120903"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/120905"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT214100"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT214101"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT214104"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT214106"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT214100"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT214101"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT214104"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/kb/HT214106"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-RXFQ-3VPC-VV72

Vulnerability from github – Published: 2022-04-06 00:01 – Updated: 2022-04-22 20:33
VLAI
Summary
Files or Directories Accessible to External Parties in Adminer
Details

Improper Access Control in Adminer versions 1.12.0 to 4.6.2 (fixed in version 4.6.3) allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "vrana/adminer"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.12.0"
            },
            {
              "fixed": "4.6.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2021-43008"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-552"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-04-22T20:33:36Z",
    "nvd_published_at": "2022-04-05T02:15:00Z",
    "severity": "HIGH"
  },
  "details": "Improper Access Control in Adminer versions 1.12.0 to 4.6.2 (fixed in version 4.6.3) allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database.",
  "id": "GHSA-rxfq-3vpc-vv72",
  "modified": "2022-04-22T20:33:36Z",
  "published": "2022-04-06T00:01:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43008"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/vrana/adminer"
    },
    {
      "type": "WEB",
      "url": "https://github.com/vrana/adminer/releases/tag/v4.6.3"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00012.html"
    },
    {
      "type": "WEB",
      "url": "https://podalirius.net/en/cves/2021-43008"
    },
    {
      "type": "WEB",
      "url": "https://sansec.io/research/adminer-4.6.2-file-disclosure-vulnerability"
    },
    {
      "type": "WEB",
      "url": "https://www.adminer.org"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Files or Directories Accessible to External Parties in Adminer"
}

GHSA-V3F4-PGV5-QQHC

Vulnerability from github – Published: 2026-05-04 09:31 – Updated: 2026-05-04 15:31
VLAI
Details

The Magic Export & Import WordPress plugin before 1.2.0 stores exported CSV files at a publicly accessible location, making it possible for any visitors to leak sensitive user information.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-5335"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-552"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-04T07:16:01Z",
    "severity": "MODERATE"
  },
  "details": "The Magic Export \u0026 Import WordPress plugin before 1.2.0 stores exported CSV files at a publicly accessible location, making it possible for any visitors to leak sensitive user information.",
  "id": "GHSA-v3f4-pgv5-qqhc",
  "modified": "2026-05-04T15:31:13Z",
  "published": "2026-05-04T09:31:09Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5335"
    },
    {
      "type": "WEB",
      "url": "https://wpscan.com/vulnerability/ed6f00de-bbae-4e89-9d0e-ded0d70e781c"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V3M2-CRXW-2GFM

Vulnerability from github – Published: 2023-07-10 21:31 – Updated: 2024-04-04 05:54
VLAI
Details

?An attacker could bypass the latest Delta Electronics InfraSuite Device Master (versions prior to 1.0.7) patch, which could allow an attacker to retrieve file contents.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-34316"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-284",
      "CWE-552"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-07-10T20:15:15Z",
    "severity": "HIGH"
  },
  "details": "?An attacker could bypass the latest Delta Electronics InfraSuite Device Master (versions prior to 1.0.7) patch, which could allow an attacker to retrieve file contents.",
  "id": "GHSA-v3m2-crxw-2gfm",
  "modified": "2024-04-04T05:54:05Z",
  "published": "2023-07-10T21:31:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34316"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-180-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V46R-626M-F3PP

Vulnerability from github – Published: 2023-04-07 21:30 – Updated: 2023-04-13 21:30
VLAI
Details

GDidees CMS v3.9.1 was discovered to contain a source code disclosure vulnerability by the backup feature which is accessible via /_admin/backup.php.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-27180"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-552"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-04-07T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "GDidees CMS v3.9.1 was discovered to contain a source code disclosure vulnerability by the backup feature which is accessible via /_admin/backup.php.",
  "id": "GHSA-v46r-626m-f3pp",
  "modified": "2023-04-13T21:30:27Z",
  "published": "2023-04-07T21:30:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27180"
    },
    {
      "type": "WEB",
      "url": "https://gist.github.com/Hadi999/d691e35d4f494d37ccc5638e68227606"
    },
    {
      "type": "WEB",
      "url": "https://github.com/chamilo/pclzip"
    },
    {
      "type": "WEB",
      "url": "https://www.gdidees.eu/cms-1-0.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V4W4-M4H5-JQF4

Vulnerability from github – Published: 2024-08-13 15:31 – Updated: 2024-08-13 15:31
VLAI
Details

An unauthenticated remote attacker can use this vulnerability to change the device configuration due to a file writeable for short time after system startup.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-3913"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-552"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-13T13:15:12Z",
    "severity": "HIGH"
  },
  "details": "An unauthenticated remote attacker can use this vulnerability to change the device configuration due to a file writeable for short time after system startup.",
  "id": "GHSA-v4w4-m4h5-jqf4",
  "modified": "2024-08-13T15:31:35Z",
  "published": "2024-08-13T15:31:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3913"
    },
    {
      "type": "WEB",
      "url": "https://cert.vde.com/en/advisories/VDE-2024-022"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V69J-Q2RV-25RQ

Vulnerability from github – Published: 2023-10-05 18:31 – Updated: 2025-05-20 09:30
VLAI
Details

In the affected version of the 1E Client, an ordinary user could subvert downloaded instruction resource files, e.g., to substitute a harmful script. by replacing a resource script file created by an instruction at run time with a malicious script. This has been fixed in patch Q23094 as the 1E Client's temporary directory is now locked down

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-45160"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-552"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-10-05T16:15:12Z",
    "severity": "HIGH"
  },
  "details": "In the affected version of the 1E Client, an ordinary user could subvert downloaded instruction resource files, e.g., to substitute a harmful script. by replacing a resource script file created by an instruction at run time with a malicious script. This has been fixed in patch Q23094 as the 1E Client\u0027s temporary directory is now locked down",
  "id": "GHSA-v69j-q2rv-25rq",
  "modified": "2025-05-20T09:30:59Z",
  "published": "2023-10-05T18:31:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45160"
    },
    {
      "type": "WEB",
      "url": "https://1e.my.site.com/s"
    },
    {
      "type": "WEB",
      "url": "https://www.1e.com/trust-security-compliance/cve-info"
    },
    {
      "type": "WEB",
      "url": "https://www.1e.com/vulnerability-disclosure-policy"
    },
    {
      "type": "WEB",
      "url": "https://www.teamviewer.com/en/resources/trust-center/security-bulletins/1e-2023-2002"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V6V2-8Q4W-PWMG

Vulnerability from github – Published: 2022-05-24 19:11 – Updated: 2022-05-24 19:11
VLAI
Details

A vulnerability in the \inc\config.php component of joyplus-cms v1.6 allows attackers to access sensitive information.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2020-22124"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-552"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-08-18T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability in the \\inc\\config.php component of joyplus-cms v1.6 allows attackers to access sensitive information.",
  "id": "GHSA-v6v2-8q4w-pwmg",
  "modified": "2022-05-24T19:11:30Z",
  "published": "2022-05-24T19:11:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-22124"
    },
    {
      "type": "WEB",
      "url": "https://github.com/876054426/vul/issues/1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-V79F-MW24-4MX3

Vulnerability from github – Published: 2023-02-22 21:30 – Updated: 2023-03-03 03:30
VLAI
Details

A Path Traversal in setup.php in OpenEMR < 7.0.0 allows remote unauthenticated users to read arbitrary files by controlling a connection to an attacker-controlled MySQL server.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-22974"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-552"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-02-22T21:15:00Z",
    "severity": "HIGH"
  },
  "details": "A Path Traversal in setup.php in OpenEMR \u003c 7.0.0 allows remote unauthenticated users to read arbitrary files by controlling a connection to an attacker-controlled MySQL server.",
  "id": "GHSA-v79f-mw24-4mx3",
  "modified": "2023-03-03T03:30:23Z",
  "published": "2023-02-22T21:30:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22974"
    },
    {
      "type": "WEB",
      "url": "https://www.open-emr.org/wiki/index.php/OpenEMR_Patches#7.0.0_Patch_.2811.2F30.2F22.29"
    },
    {
      "type": "WEB",
      "url": "https://www.sonarsource.com/blog/openemr-remote-code-execution-in-your-healthcare-system"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-V7M4-RWP4-VMRQ

Vulnerability from github – Published: 2026-05-12 18:30 – Updated: 2026-05-13 18:30
VLAI
Details

The nexent v1.7.5.2 backend service contains an unauthorized arbitrary storage file deletion vulnerability in its file management API. The DELETE /storage/{object_name:path} endpoint lacks authentication, authorization, and input validation mechanisms. Unauthenticated remote attackers can send crafted requests with a user-controlled object_name path parameter to delete arbitrary files from the underlying MinIO storage system. Successful exploitation leads to data loss and denial of service.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-31216"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-552"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-12T16:16:13Z",
    "severity": "CRITICAL"
  },
  "details": "The nexent v1.7.5.2 backend service contains an unauthorized arbitrary storage file deletion vulnerability in its file management API. The DELETE /storage/{object_name:path} endpoint lacks authentication, authorization, and input validation mechanisms. Unauthenticated remote attackers can send crafted requests with a user-controlled object_name path parameter to delete arbitrary files from the underlying MinIO storage system. Successful exploitation leads to data loss and denial of service.",
  "id": "GHSA-v7m4-rwp4-vmrq",
  "modified": "2026-05-13T18:30:40Z",
  "published": "2026-05-12T18:30:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31216"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ModelEngine-Group/nexent"
    },
    {
      "type": "WEB",
      "url": "https://www.notion.so/CVE-2026-31216-35d1e139318881208297f0fbd8005f68"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Implementation System Configuration Operation

When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to disable public access.

CAPEC-150: Collect Data from Common Resource Locations

An adversary exploits well-known locations for resources for the purposes of undermining the security of the target. In many, if not most systems, files and resources are organized in a default tree structure. This can be useful for adversaries because they often know where to look for resources or files that are necessary for attacks. Even when the precise location of a targeted resource may not be known, naming conventions may indicate a small area of the target machine's file tree where the resources are typically located. For example, configuration files are normally stored in the /etc director on Unix systems. Adversaries can take advantage of this to commit other types of attacks.

CAPEC-639: Probe System Files

An adversary obtains unauthorized information due to improperly protected files. If an application stores sensitive information in a file that is not protected by proper access control, then an adversary can access the file and search for sensitive information.