CVE-2023-1246

7.5 HIGH

Files or Directories Accessible to External Parties vulnerability in Saysis Starcities allows Collect Data from Common Resource Locations

Published: 2023-03-10 · Last updated: 2026-06-01

Severity and scoring

CVSS: 7.5 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE: CWE-552

Affected products

Vendor	Product
saysis	starcities

Description

Files or Directories Accessible to External Parties vulnerability in Saysis Starcities allows Collect Data from Common Resource Locations. This issue affects Starcities: through 1.3.

Source: NVD

References

Related CVEs

Same vendor

CVE-2023-1198 — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saysis Starcities allows SQL Injection (9.8 CRITICAL)
CVE-2022-2178 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saysis Computer Starcities allows C... (6.1 MEDIUM)

Same CWE

CVE-2025-14771 — Files or directories accessible to external parties vulnerability in ABB T-MAC Plus (9.9 CRITICAL)
CVE-2026-45543 — Nextcloud is an open source content collaboration platform (5.3 MEDIUM)
CVE-2026-40425 — The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can directly edit sensitive files related to auth... (5.7 MEDIUM)
CVE-2026-45088 — Dalfox is a powerful open-source XSS scanner and utility focused on automation (7.5 HIGH)
CVE-2024-56462 — IBM QRadar 7.5.0 through 7.5.0 UP15 Interim Fix 002 could allow a privileged user to upload a malicious backup archive that could be rest... (7.2 HIGH)