CWE-552
AllowedFiles or Directories Accessible to External Parties
Abstraction: Base · Status: Draft
The product makes files or directories accessible to unauthorized actors, even though they should not be.
670 vulnerabilities reference this CWE, most recent first.
GHSA-PMGM-PV8C-PW29
Vulnerability from github – Published: 2021-12-17 00:00 – Updated: 2023-11-14 21:30In Bus Pass Management System v1.0, Directory Listing/Browsing is enabled on the web server which allows an attacker to view the sensitive files of the application, for example: Any file which contains sensitive information of the user or server.
{
"affected": [],
"aliases": [
"CVE-2021-44315"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-16T19:15:00Z",
"severity": "HIGH"
},
"details": "In Bus Pass Management System v1.0, Directory Listing/Browsing is enabled on the web server which allows an attacker to view the sensitive files of the application, for example: Any file which contains sensitive information of the user or server.",
"id": "GHSA-pmgm-pv8c-pw29",
"modified": "2023-11-14T21:30:47Z",
"published": "2021-12-17T00:00:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-44315"
},
{
"type": "WEB",
"url": "https://github.com/abhiunix/Bus-Pass-Management-System-v1.0/blob/master/Directory%20listing/Report_Directory%20listing.pdf"
},
{
"type": "WEB",
"url": "https://github.com/abhiunix/Bus-Pass-Management-System-v1.0/tree/master/Directory%20listing"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-PMX6-P7G8-55GF
Vulnerability from github – Published: 2021-12-04 00:00 – Updated: 2021-12-07 00:00Trend Micro Security 2021 v17.0 (Consumer) contains a vulnerability that allows files inside the protected folder to be modified without any detection.
{
"affected": [],
"aliases": [
"CVE-2021-43772"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2021-12-03T11:15:00Z",
"severity": "MODERATE"
},
"details": "Trend Micro Security 2021 v17.0 (Consumer) contains a vulnerability that allows files inside the protected folder to be modified without any detection.",
"id": "GHSA-pmx6-p7g8-55gf",
"modified": "2021-12-07T00:00:59Z",
"published": "2021-12-04T00:00:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43772"
},
{
"type": "WEB",
"url": "https://helpcenter.trendmicro.com/en-us/article/tmka-10855"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-PRC6-9XC4-P6V8
Vulnerability from github – Published: 2025-03-11 12:30 – Updated: 2025-03-11 12:30A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected application does not properly restrict the scope of files accessible to the simulation model. This could allow an unauthorized attacker to compromise the confidentiality of the system.
{
"affected": [],
"aliases": [
"CVE-2025-25267"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-03-11T10:15:18Z",
"severity": "MODERATE"
},
"details": "A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions \u003c V2302.0021), Tecnomatix Plant Simulation V2404 (All versions \u003c V2404.0010). The affected application does not properly restrict the scope of files accessible to the simulation model. This could allow an unauthorized attacker to compromise the confidentiality of the system.",
"id": "GHSA-prc6-9xc4-p6v8",
"modified": "2025-03-11T12:30:59Z",
"published": "2025-03-11T12:30:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25267"
},
{
"type": "WEB",
"url": "https://cert-portal.siemens.com/productcert/html/ssa-507653.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-PWFP-GQPX-2MGG
Vulnerability from github – Published: 2023-10-30 15:30 – Updated: 2023-11-13 15:30The PHP to Page plugin for WordPress is vulnerable Local File Inclusion to Remote Code Execution in versions up to, and including, 0.3 via the 'php-to-page' shortcode. This allows authenticated attackers with subscriber-level permissions or above, to include local file and potentially execute code on the server. While subscribers may need to poison log files or otherwise get a file installed in order to achieve remote code execution, author and above users can upload files by default and achieve remote code execution easily.
{
"affected": [],
"aliases": [
"CVE-2023-5199"
],
"database_specific": {
"cwe_ids": [
"CWE-552",
"CWE-98"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-10-30T14:15:09Z",
"severity": "HIGH"
},
"details": "The PHP to Page plugin for WordPress is vulnerable Local File Inclusion to Remote Code Execution in versions up to, and including, 0.3 via the \u0027php-to-page\u0027 shortcode. This allows authenticated attackers with subscriber-level permissions or above, to include local file and potentially execute code on the server. While subscribers may need to poison log files or otherwise get a file installed in order to achieve remote code execution, author and above users can upload files by default and achieve remote code execution easily.",
"id": "GHSA-pwfp-gqpx-2mgg",
"modified": "2023-11-13T15:30:19Z",
"published": "2023-10-30T15:30:45Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5199"
},
{
"type": "WEB",
"url": "https://plugins.trac.wordpress.org/browser/php-to-page/trunk/php-to-page.php?rev=441028#L22"
},
{
"type": "WEB",
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/83e5a0dc-fc51-4565-945f-190cf9175874?source=cve"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-PWP2-83MH-QJ49
Vulnerability from github – Published: 2023-06-23 18:30 – Updated: 2024-04-04 05:07An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13, macOS Big Sur 11.7.3. An app may be able to access mail folder attachments through a temporary directory used during compression
{
"affected": [],
"aliases": [
"CVE-2022-42834"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-06-23T18:15:10Z",
"severity": "LOW"
},
"details": "An access issue was addressed with improved access restrictions. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13, macOS Big Sur 11.7.3. An app may be able to access mail folder attachments through a temporary directory used during compression",
"id": "GHSA-pwp2-83mh-qj49",
"modified": "2024-04-04T05:07:03Z",
"published": "2023-06-23T18:30:23Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-42834"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213488"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213603"
},
{
"type": "WEB",
"url": "https://support.apple.com/en-us/HT213604"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-PXVW-4W88-6X95
Vulnerability from github – Published: 2025-09-09 15:12 – Updated: 2025-09-10 21:08There was a missing permission-check in the shares feature (the shr global-option).
When a share is created for just one file inside a folder, it was possible to access the other files inside that folder by guessing the filenames.
It was not possible to descend into subdirectories in this manner; only the sibling files were accessible.
This issue did not affect filekeys or dirkeys.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "copyparty"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.19.8"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-58753"
],
"database_specific": {
"cwe_ids": [
"CWE-552",
"CWE-862"
],
"github_reviewed": true,
"github_reviewed_at": "2025-09-09T15:12:17Z",
"nvd_published_at": "2025-09-09T20:15:49Z",
"severity": "MODERATE"
},
"details": "There was a missing permission-check in the shares feature (the `shr` global-option).\n\nWhen a share is created for just one file inside a folder, it was possible to access the other files inside that folder by guessing the filenames.\n\nIt was not possible to descend into subdirectories in this manner; only the sibling files were accessible.\n\nThis issue did not affect filekeys or dirkeys.",
"id": "GHSA-pxvw-4w88-6x95",
"modified": "2025-09-10T21:08:10Z",
"published": "2025-09-09T15:12:17Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/9001/copyparty/security/advisories/GHSA-pxvw-4w88-6x95"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58753"
},
{
"type": "WEB",
"url": "https://github.com/9001/copyparty/commit/e0a92ba72d46074209a9c304eb2a01ca0429e60c"
},
{
"type": "PACKAGE",
"url": "https://github.com/9001/copyparty"
},
{
"type": "WEB",
"url": "https://github.com/9001/copyparty/releases/tag/v1.19.8"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "copyparty: Sharing a single file does not fully restrict access to other files in source folder"
}
GHSA-Q247-WJ3R-2X97
Vulnerability from github – Published: 2024-09-18 15:30 – Updated: 2026-06-03 15:30Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows Collect Data from Common Resource Locations.This issue affects Panel: before v2.3.24.
{
"affected": [],
"aliases": [
"CVE-2024-6878"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-09-18T15:15:18Z",
"severity": "CRITICAL"
},
"details": "Files or Directories Accessible to External Parties vulnerability in Eliz Software Panel allows Collect Data from Common Resource Locations.This issue affects Panel: before v2.3.24.",
"id": "GHSA-q247-wj3r-2x97",
"modified": "2026-06-03T15:30:35Z",
"published": "2024-09-18T15:30:53Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6878"
},
{
"type": "WEB",
"url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-24-1497"
},
{
"type": "WEB",
"url": "https://www.usom.gov.tr/bildirim/tr-24-1497"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-Q2FP-JW87-86PX
Vulnerability from github – Published: 2023-06-22 12:30 – Updated: 2023-06-30 20:18laravel-s prior to 3.7.36 is vulnerable to Local File Inclusion via /src/Illuminate/Laravel.php.
{
"affected": [
{
"package": {
"ecosystem": "Packagist",
"name": "hhxsv5/laravel-s"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.7.36"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2023-29931"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": true,
"github_reviewed_at": "2023-06-22T20:00:46Z",
"nvd_published_at": "2023-06-22T11:15:09Z",
"severity": "CRITICAL"
},
"details": "laravel-s prior to 3.7.36 is vulnerable to Local File Inclusion via `/src/Illuminate/Laravel.php`.",
"id": "GHSA-q2fp-jw87-86px",
"modified": "2023-06-30T20:18:57Z",
"published": "2023-06-22T12:30:14Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-29931"
},
{
"type": "WEB",
"url": "https://github.com/hhxsv5/laravel-s/issues/437"
},
{
"type": "WEB",
"url": "https://github.com/hhxsv5/laravel-s/commit/05aa615527725f0b696da78ae4c7d3a5065bac6d"
},
{
"type": "PACKAGE",
"url": "https://github.com/hhxsv5/laravel-s"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "laravel-s vulnerable to Local File Inclusion"
}
GHSA-Q35W-85PQ-RV3X
Vulnerability from github – Published: 2022-11-10 12:01 – Updated: 2025-09-04 18:23Payara before 2022-11-04, when deployed to the root context, allows attackers to visit META-INF and WEB-INF, a different vulnerability than CVE-2022-37422. This affects Payara Platform Community before 4.1.2.191.38, 5.x before 5.2022.4, and 6.x before 6.2022.1, and Payara Platform Enterprise before 5.45.0.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "fish.payara.distributions:payara"
},
"ranges": [
{
"events": [
{
"introduced": "6.2021.1.Alpha1"
},
{
"fixed": "6.2022.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c 5.2022.2"
},
"package": {
"ecosystem": "Maven",
"name": "fish.payara.distributions:payara"
},
"ranges": [
{
"events": [
{
"introduced": "5.0.0.Alpha1"
},
{
"fixed": "5.2022.5"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Maven",
"name": "fish.payara.distributions:payara"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "4.1.2.181"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2022-45129"
],
"database_specific": {
"cwe_ids": [
"CWE-552"
],
"github_reviewed": true,
"github_reviewed_at": "2025-09-04T18:23:53Z",
"nvd_published_at": "2022-11-10T06:15:00Z",
"severity": "HIGH"
},
"details": "Payara before 2022-11-04, when deployed to the root context, allows attackers to visit META-INF and WEB-INF, a different vulnerability than CVE-2022-37422. This affects Payara Platform Community before 4.1.2.191.38, 5.x before 5.2022.4, and 6.x before 6.2022.1, and Payara Platform Enterprise before 5.45.0.",
"id": "GHSA-q35w-85pq-rv3x",
"modified": "2025-09-04T18:23:53Z",
"published": "2022-11-10T12:01:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45129"
},
{
"type": "WEB",
"url": "https://github.com/payara/Payara/issues/6136"
},
{
"type": "WEB",
"url": "https://github.com/payara/Payara/commit/cccdfddeda71c78ae7b3179db5429e1bb8a56b2e"
},
{
"type": "WEB",
"url": "https://blog.payara.fish/whats-new-in-the-november-2022-payara-platform-release"
},
{
"type": "WEB",
"url": "https://docs.payara.fish/community/docs/6.2022.1/Release%20Notes/Release%20Notes%206.2022.1.html"
},
{
"type": "WEB",
"url": "https://docs.payara.fish/community/docs/Release%20Notes/Release%20Notes%205.2022.4.html"
},
{
"type": "WEB",
"url": "https://docs.payara.fish/enterprise/docs/Release%20Notes/Release%20Notes%205.45.0.html"
},
{
"type": "PACKAGE",
"url": "https://github.com/payara/Payara"
},
{
"type": "WEB",
"url": "https://github.com/payara/Payara/issues?q=FISH-6775"
},
{
"type": "WEB",
"url": "http://packetstormsecurity.com/files/169864/Payara-Platform-Path-Traversal.html"
},
{
"type": "WEB",
"url": "http://seclists.org/fulldisclosure/2022/Nov/11"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Payara, when deployed to the root context, allows attackers to visit META-INF and WEB-INF"
}
GHSA-Q37P-4RW5-7329
Vulnerability from github – Published: 2023-04-03 15:30 – Updated: 2023-04-09 00:30The Shopping Cart & eCommerce Store WordPress plugin before 5.4.3 does not validate HTTP requests, allowing authenticated users with admin privileges to perform LFI attacks.
{
"affected": [],
"aliases": [
"CVE-2023-1124"
],
"database_specific": {
"cwe_ids": [
"CWE-22",
"CWE-552"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-04-03T15:15:00Z",
"severity": "HIGH"
},
"details": "The Shopping Cart \u0026 eCommerce Store WordPress plugin before 5.4.3 does not validate HTTP requests, allowing authenticated users with admin privileges to perform LFI attacks.",
"id": "GHSA-q37p-4rw5-7329",
"modified": "2023-04-09T00:30:15Z",
"published": "2023-04-03T15:30:16Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1124"
},
{
"type": "WEB",
"url": "https://wpscan.com/vulnerability/229b93cd-544b-4877-8d9f-e6debda9511c"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
Mitigation
When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to disable public access.
CAPEC-150: Collect Data from Common Resource Locations
An adversary exploits well-known locations for resources for the purposes of undermining the security of the target. In many, if not most systems, files and resources are organized in a default tree structure. This can be useful for adversaries because they often know where to look for resources or files that are necessary for attacks. Even when the precise location of a targeted resource may not be known, naming conventions may indicate a small area of the target machine's file tree where the resources are typically located. For example, configuration files are normally stored in the /etc director on Unix systems. Adversaries can take advantage of this to commit other types of attacks.
CAPEC-639: Probe System Files
An adversary obtains unauthorized information due to improperly protected files. If an application stores sensitive information in a file that is not protected by proper access control, then an adversary can access the file and search for sensitive information.