Common Weakness Enumeration

CWE-552

Allowed

Files or Directories Accessible to External Parties

Abstraction: Base · Status: Draft

The product makes files or directories accessible to unauthorized actors, even though they should not be.

670 vulnerabilities reference this CWE, most recent first.

GHSA-PMGM-PV8C-PW29

Vulnerability from github – Published: 2021-12-17 00:00 – Updated: 2023-11-14 21:30
VLAI
Details

In Bus Pass Management System v1.0, Directory Listing/Browsing is enabled on the web server which allows an attacker to view the sensitive files of the application, for example: Any file which contains sensitive information of the user or server.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-44315"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-552"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-12-16T19:15:00Z",
    "severity": "HIGH"
  },
  "details": "In Bus Pass Management System v1.0, Directory Listing/Browsing is enabled on the web server which allows an attacker to view the sensitive files of the application, for example: Any file which contains sensitive information of the user or server.",
  "id": "GHSA-pmgm-pv8c-pw29",
  "modified": "2023-11-14T21:30:47Z",
  "published": "2021-12-17T00:00:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44315"
    },
    {
      "type": "WEB",
      "url": "https://github.com/abhiunix/Bus-Pass-Management-System-v1.0/blob/master/Directory%20listing/Report_Directory%20listing.pdf"
    },
    {
      "type": "WEB",
      "url": "https://github.com/abhiunix/Bus-Pass-Management-System-v1.0/tree/master/Directory%20listing"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PMX6-P7G8-55GF

Vulnerability from github – Published: 2021-12-04 00:00 – Updated: 2021-12-07 00:00
VLAI
Details

Trend Micro Security 2021 v17.0 (Consumer) contains a vulnerability that allows files inside the protected folder to be modified without any detection.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-43772"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-552"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-12-03T11:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Trend Micro Security 2021 v17.0 (Consumer) contains a vulnerability that allows files inside the protected folder to be modified without any detection.",
  "id": "GHSA-pmx6-p7g8-55gf",
  "modified": "2021-12-07T00:00:59Z",
  "published": "2021-12-04T00:00:54Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43772"
    },
    {
      "type": "WEB",
      "url": "https://helpcenter.trendmicro.com/en-us/article/tmka-10855"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-PRC6-9XC4-P6V8

Vulnerability from github – Published: 2025-03-11 12:30 – Updated: 2025-03-11 12:30
VLAI
Details

A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected application does not properly restrict the scope of files accessible to the simulation model. This could allow an unauthorized attacker to compromise the confidentiality of the system.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-25267"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-552"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-03-11T10:15:18Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions \u003c V2302.0021), Tecnomatix Plant Simulation V2404 (All versions \u003c V2404.0010). The affected application does not properly restrict the scope of files accessible to the simulation model. This could allow an unauthorized attacker to compromise the confidentiality of the system.",
  "id": "GHSA-prc6-9xc4-p6v8",
  "modified": "2025-03-11T12:30:59Z",
  "published": "2025-03-11T12:30:59Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25267"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-507653.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-PWFP-GQPX-2MGG

Vulnerability from github – Published: 2023-10-30 15:30 – Updated: 2023-11-13 15:30
VLAI
Details

The PHP to Page plugin for WordPress is vulnerable Local File Inclusion to Remote Code Execution in versions up to, and including, 0.3 via the 'php-to-page' shortcode. This allows authenticated attackers with subscriber-level permissions or above, to include local file and potentially execute code on the server. While subscribers may need to poison log files or otherwise get a file installed in order to achieve remote code execution, author and above users can upload files by default and achieve remote code execution easily.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-5199"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-552",
      "CWE-98"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-10-30T14:15:09Z",
    "severity": "HIGH"
  },
  "details": "The PHP to Page plugin for WordPress is vulnerable Local File Inclusion to Remote Code Execution in versions up to, and including, 0.3 via the \u0027php-to-page\u0027 shortcode. This allows authenticated attackers with subscriber-level permissions or above, to include local file and potentially execute code on the server. While subscribers may need to poison log files or otherwise get a file installed in order to achieve remote code execution, author and above users can upload files by default and achieve remote code execution easily.",
  "id": "GHSA-pwfp-gqpx-2mgg",
  "modified": "2023-11-13T15:30:19Z",
  "published": "2023-10-30T15:30:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5199"
    },
    {
      "type": "WEB",
      "url": "https://plugins.trac.wordpress.org/browser/php-to-page/trunk/php-to-page.php?rev=441028#L22"
    },
    {
      "type": "WEB",
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/83e5a0dc-fc51-4565-945f-190cf9175874?source=cve"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PWP2-83MH-QJ49

Vulnerability from github – Published: 2023-06-23 18:30 – Updated: 2024-04-04 05:07
VLAI
Details

An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13, macOS Big Sur 11.7.3. An app may be able to access mail folder attachments through a temporary directory used during compression

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-42834"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-552"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-06-23T18:15:10Z",
    "severity": "LOW"
  },
  "details": "An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13, macOS Big Sur 11.7.3. An app may be able to access mail folder attachments through a temporary directory used during compression",
  "id": "GHSA-pwp2-83mh-qj49",
  "modified": "2024-04-04T05:07:03Z",
  "published": "2023-06-23T18:30:23Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42834"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213488"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213603"
    },
    {
      "type": "WEB",
      "url": "https://support.apple.com/en-us/HT213604"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-PXVW-4W88-6X95

Vulnerability from github – Published: 2025-09-09 15:12 – Updated: 2025-09-10 21:08
VLAI
Summary
copyparty: Sharing a single file does not fully restrict access to other files in source folder
Details

There was a missing permission-check in the shares feature (the shr global-option).

When a share is created for just one file inside a folder, it was possible to access the other files inside that folder by guessing the filenames.

It was not possible to descend into subdirectories in this manner; only the sibling files were accessible.

This issue did not affect filekeys or dirkeys.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "copyparty"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.19.8"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-58753"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-552",
      "CWE-862"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-09-09T15:12:17Z",
    "nvd_published_at": "2025-09-09T20:15:49Z",
    "severity": "MODERATE"
  },
  "details": "There was a missing permission-check in the shares feature (the `shr` global-option).\n\nWhen a share is created for just one file inside a folder, it was possible to access the other files inside that folder by guessing the filenames.\n\nIt was not possible to descend into subdirectories in this manner; only the sibling files were accessible.\n\nThis issue did not affect filekeys or dirkeys.",
  "id": "GHSA-pxvw-4w88-6x95",
  "modified": "2025-09-10T21:08:10Z",
  "published": "2025-09-09T15:12:17Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/9001/copyparty/security/advisories/GHSA-pxvw-4w88-6x95"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58753"
    },
    {
      "type": "WEB",
      "url": "https://github.com/9001/copyparty/commit/e0a92ba72d46074209a9c304eb2a01ca0429e60c"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/9001/copyparty"
    },
    {
      "type": "WEB",
      "url": "https://github.com/9001/copyparty/releases/tag/v1.19.8"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "copyparty: Sharing a single file does not fully restrict access to other files in source folder"
}

GHSA-Q247-WJ3R-2X97

Vulnerability from github – Published: 2024-09-18 15:30 – Updated: 2026-06-03 15:30
VLAI
Details

Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows Collect Data from Common Resource Locations.This issue affects Panel: before v2.3.24.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-6878"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-552"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-18T15:15:18Z",
    "severity": "CRITICAL"
  },
  "details": "Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows Collect Data from Common Resource Locations.This issue affects Panel: before v2.3.24.",
  "id": "GHSA-q247-wj3r-2x97",
  "modified": "2026-06-03T15:30:35Z",
  "published": "2024-09-18T15:30:53Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6878"
    },
    {
      "type": "WEB",
      "url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-24-1497"
    },
    {
      "type": "WEB",
      "url": "https://www.usom.gov.tr/bildirim/tr-24-1497"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-Q2FP-JW87-86PX

Vulnerability from github – Published: 2023-06-22 12:30 – Updated: 2023-06-30 20:18
VLAI
Summary
laravel-s vulnerable to Local File Inclusion
Details

laravel-s prior to 3.7.36 is vulnerable to Local File Inclusion via /src/Illuminate/Laravel.php.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Packagist",
        "name": "hhxsv5/laravel-s"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.7.36"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-29931"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-552"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-06-22T20:00:46Z",
    "nvd_published_at": "2023-06-22T11:15:09Z",
    "severity": "CRITICAL"
  },
  "details": "laravel-s prior to 3.7.36 is vulnerable to Local File Inclusion via `/src/Illuminate/Laravel.php`.",
  "id": "GHSA-q2fp-jw87-86px",
  "modified": "2023-06-30T20:18:57Z",
  "published": "2023-06-22T12:30:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29931"
    },
    {
      "type": "WEB",
      "url": "https://github.com/hhxsv5/laravel-s/issues/437"
    },
    {
      "type": "WEB",
      "url": "https://github.com/hhxsv5/laravel-s/commit/05aa615527725f0b696da78ae4c7d3a5065bac6d"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/hhxsv5/laravel-s"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "laravel-s vulnerable to Local File Inclusion"
}

GHSA-Q35W-85PQ-RV3X

Vulnerability from github – Published: 2022-11-10 12:01 – Updated: 2025-09-04 18:23
VLAI
Summary
Payara, when deployed to the root context, allows attackers to visit META-INF and WEB-INF
Details

Payara before 2022-11-04, when deployed to the root context, allows attackers to visit META-INF and WEB-INF, a different vulnerability than CVE-2022-37422. This affects Payara Platform Community before 4.1.2.191.38, 5.x before 5.2022.4, and 6.x before 6.2022.1, and Payara Platform Enterprise before 5.45.0.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "fish.payara.distributions:payara"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "6.2021.1.Alpha1"
            },
            {
              "fixed": "6.2022.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c 5.2022.2"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "fish.payara.distributions:payara"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "5.0.0.Alpha1"
            },
            {
              "fixed": "5.2022.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Maven",
        "name": "fish.payara.distributions:payara"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "4.1.2.181"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2022-45129"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-552"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-09-04T18:23:53Z",
    "nvd_published_at": "2022-11-10T06:15:00Z",
    "severity": "HIGH"
  },
  "details": "Payara before 2022-11-04, when deployed to the root context, allows attackers to visit META-INF and WEB-INF, a different vulnerability than CVE-2022-37422. This affects Payara Platform Community before 4.1.2.191.38, 5.x before 5.2022.4, and 6.x before 6.2022.1, and Payara Platform Enterprise before 5.45.0.",
  "id": "GHSA-q35w-85pq-rv3x",
  "modified": "2025-09-04T18:23:53Z",
  "published": "2022-11-10T12:01:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45129"
    },
    {
      "type": "WEB",
      "url": "https://github.com/payara/Payara/issues/6136"
    },
    {
      "type": "WEB",
      "url": "https://github.com/payara/Payara/commit/cccdfddeda71c78ae7b3179db5429e1bb8a56b2e"
    },
    {
      "type": "WEB",
      "url": "https://blog.payara.fish/whats-new-in-the-november-2022-payara-platform-release"
    },
    {
      "type": "WEB",
      "url": "https://docs.payara.fish/community/docs/6.2022.1/Release%20Notes/Release%20Notes%206.2022.1.html"
    },
    {
      "type": "WEB",
      "url": "https://docs.payara.fish/community/docs/Release%20Notes/Release%20Notes%205.2022.4.html"
    },
    {
      "type": "WEB",
      "url": "https://docs.payara.fish/enterprise/docs/Release%20Notes/Release%20Notes%205.45.0.html"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/payara/Payara"
    },
    {
      "type": "WEB",
      "url": "https://github.com/payara/Payara/issues?q=FISH-6775"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/169864/Payara-Platform-Path-Traversal.html"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2022/Nov/11"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Payara, when deployed to the root context, allows attackers to visit META-INF and WEB-INF"
}

GHSA-Q37P-4RW5-7329

Vulnerability from github – Published: 2023-04-03 15:30 – Updated: 2023-04-09 00:30
VLAI
Details

The Shopping Cart & eCommerce Store WordPress plugin before 5.4.3 does not validate HTTP requests, allowing authenticated users with admin privileges to perform LFI attacks.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-1124"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-22",
      "CWE-552"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-04-03T15:15:00Z",
    "severity": "HIGH"
  },
  "details": "The Shopping Cart \u0026 eCommerce Store WordPress plugin before 5.4.3 does not validate HTTP requests, allowing authenticated users with admin privileges to perform LFI attacks.",
  "id": "GHSA-q37p-4rw5-7329",
  "modified": "2023-04-09T00:30:15Z",
  "published": "2023-04-03T15:30:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1124"
    },
    {
      "type": "WEB",
      "url": "https://wpscan.com/vulnerability/229b93cd-544b-4877-8d9f-e6debda9511c"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Implementation System Configuration Operation

When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to disable public access.

CAPEC-150: Collect Data from Common Resource Locations

An adversary exploits well-known locations for resources for the purposes of undermining the security of the target. In many, if not most systems, files and resources are organized in a default tree structure. This can be useful for adversaries because they often know where to look for resources or files that are necessary for attacks. Even when the precise location of a targeted resource may not be known, naming conventions may indicate a small area of the target machine's file tree where the resources are typically located. For example, configuration files are normally stored in the /etc director on Unix systems. Adversaries can take advantage of this to commit other types of attacks.

CAPEC-639: Probe System Files

An adversary obtains unauthorized information due to improperly protected files. If an application stores sensitive information in a file that is not protected by proper access control, then an adversary can access the file and search for sensitive information.