Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-4909 | 2025-05-19 | 7.5 HIGH | 7.3 HIGH | ||
| A vulnerability classified as critical was found in SourceCodester Client Database Management System 1.0. This vulnerability affects unknown code. The manipulation leads to exposure of information through directory listing. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4807 | 2025-05-19 | 5.0 MEDIUM | 5.3 MEDIUM | ||
| A vulnerability, which was classified as problematic, was found in SourceCodester Online Student Clearance System 1.0. This affects an unknown part. The manipulation leads to exposure of information through directory listing. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-1138 | 2025-05-16 | N/A | 4.3 MEDIUM | ||
| IBM InfoSphere Information Server 11.7 could disclose sensitive information to an authenticated user that could aid in further attacks against the system through a directory listing. | |||||
| CVE-2025-2651 | 1 Oretnom23 | 1 Online Eyewear Shop | 2025-05-14 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear Shop 1.0. Affected is an unknown function of the file /oews/admin/. The manipulation leads to exposure of information through directory listing. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to change the configuration settings. Multiple sub-directories are affected. | |||||
| CVE-2025-2038 | 1 Code-projects | 1 Blood Bank Management System | 2025-05-13 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /upload/. The manipulation leads to exposure of information through directory listing. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-45320 | 1 Lopalopa | 1 Online Service Management Portal | 2025-05-07 | N/A | 5.3 MEDIUM |
| A Directory Listing Vulnerability was found in the /osms/Requester/ directory of the Kashipara Online Service Management Portal V1.0. | |||||
| CVE-2024-22082 | 1 Elspec-ltd | 2 G5dfr, G5dfr Firmware | 2025-04-16 | N/A | 7.5 HIGH |
| An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Unauthenticated directory listing can occur: the web interface cay be abused be an attacker get a better understanding of the operating system. | |||||
| CVE-2025-23378 | 2025-04-11 | N/A | 3.3 LOW | ||
| Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, contains an exposure of information through directory listing vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to information disclosure. | |||||
| CVE-2025-2652 | 1 Oretnom23 | 1 Employee And Visitor Gate Pass Logging System | 2025-03-26 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to exposure of information through directory listing. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to change the configuration settings. Multiple sub-directories are affected. | |||||
| CVE-2024-7809 | 1 Tamparongj03 | 1 Online Graduate Tracer System | 2025-02-18 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /tracking/nbproject/. The manipulation leads to exposure of information through directory listing. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-28766 | 2025-01-27 | N/A | 2.4 LOW | ||
| IBM Security Directory Integrator 7.2.0 and IBM Security Verify Directory Integrator 10.0.0 could disclose sensitive information about directory contents that could aid in further attacks against the system. | |||||
| CVE-2024-35113 | 2025-01-25 | N/A | 4.3 MEDIUM | ||
| IBM Control Center 6.2.1 and 6.3.1 could allow an authenticated user to obtain sensitive information exposed through a directory listing. | |||||
| CVE-2024-42007 | 2024-11-21 | N/A | 5.8 MEDIUM | ||
| SPX (aka php-spx) through 0.4.15 allows SPX_UI_URI Directory Traversal to read arbitrary files. | |||||
| CVE-2024-3707 | 2024-11-21 | N/A | 5.3 MEDIUM | ||
| Information exposure vulnerability in OpenGnsys affecting version 1.1.1d (Espeto). This vulnerability allows an attacker to enumerate all files in the web tree by accessing a php file. | |||||
| CVE-2023-49979 | 2024-11-21 | N/A | 7.5 HIGH | ||
| A directory listing vulnerability in Customer Support System v1 allows attackers to list directories and sensitive files within the application without requiring authorization. | |||||
| CVE-2022-24396 | 1 Sap | 1 Simple Diagnostics Agent | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| The Simple Diagnostics Agent - versions 1.0 up to version 1.57, does not perform any authentication checks for functionalities that can be accessed via localhost on http port 3005. Due to lack of authentication checks, an attacker could access administrative or other privileged functionalities and read, modify, or delete sensitive information and configurations. | |||||
| CVE-2021-32515 | 1 Qsan | 1 Storage Manager | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Directory listing vulnerability in share_link in QSAN Storage Manager allows attackers to list arbitrary directories and further access credential information. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3. | |||||
| CVE-2021-32511 | 1 Qsan | 1 Storage Manager | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| QSAN Storage Manager through directory listing vulnerability in ViewBroserList allows remote authenticated attackers to list arbitrary directories via the file path parameter. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3. | |||||
| CVE-2021-32510 | 1 Qsan | 1 Storage Manager | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| QSAN Storage Manager through directory listing vulnerability in antivirus function allows remote authenticated attackers to list arbitrary directories by injecting file path parameter. The referred vulnerability has been solved with the updated version of QSAN Storage Manager v3.3.3. | |||||
| CVE-2021-27505 | 1 Myscada | 1 Mypro | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized read access to sensitive directory listing information. | |||||