Weaknesses of type CWE-22

4,790 results
CVE-2024-27279MEDIUMDirectory traversal vulnerability exists in a-blog cms Ver.3.1.x series Ver.3.1.9 and earlier, Ver.3.0.x series Ver.3.0.30 and earlier, Ver.EPSS 0.8%CVE-2026-42605HIGHAzuraCast: Path Traversal in `currentDirectory` Parameter Enables Remote Code Execution via Media UploadEPSS 0.8%CVE-2025-0973MEDIUMCmsEasy index.php backAll_action path traversalEPSS 0.8%CVE-2024-5273MEDIUMJenkins Report Info Plugin 1.2 and earlier does not perform path validation of the workspace directory while serving report files, allowing EPSS 0.8%CVE-2025-10488HIGHDirectorist: AI-Powered Business Directory Plugin with Classified Ads Listings <= 8.4.8 - Authenticated (Subscriber+) Arbitrary File MoveEPSS 0.8%CVE-2024-22232HIGHSpecially crafted url can be created which leads to a directory traversal in the salt file serverEPSS 0.8%CVE-2024-11010HIGHFileOrganizer <= 1.1.4 - Authenticated (Administrator+) Local JavaScript File InclusionEPSS 0.8%CVE-2024-4941HIGHLocal File Inclusion in JSON component in gradio-app/gradioEPSS 0.8%CVE-2025-28072HIGHPHPGurukul Pre-School Enrollment System is vulnerable to Directory Traversal in manage-teachers.php.EPSS 0.8%CVE-2022-38165CRITICALArbitrary file write in F-Secure Policy Manager through 2022-08-10 allows unauthenticated users to write the file with the contents in arbitEPSS 0.8%CVE-2022-4583MEDIUMjLEMS JUtil.java unpackJar path traversalEPSS 0.8%CVE-2022-23512HIGHMetersphere is vulnerable to Path Injection.EPSS 0.8%CVE-2023-47624HIGHAudiobookshelf Arbitrary File Read VulnerabilityEPSS 0.8%CVE-2018-25124HIGHPacsOne Server 6.6.2 DICOM Web Viewer Directory Traversal LFIEPSS 0.8%CVE-2022-44299MEDIUMSiteServerCMS 7.1.3 sscms has a file read vulnerability.EPSS 0.8%CVE-2021-33722A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2 Update 1). The affected system has a Path Traversal vulnerability EPSS 0.8%CVE-2023-53772HIGHMiniDVBLinux 5.4 Arbitrary File Read Vulnerability via About PageEPSS 0.8%CVE-2024-34523HIGHAChecker 1.5 allows remote attackers to read the contents of arbitrary files via the download.php path parameter by using Unauthenticated PaEPSS 0.8%CVE-2024-12850MEDIUMDatabase Backup and check Tables Automated With Scheduler 2024 <= 2.32 - Authenticated (Admin+) Arbitrary File ReadEPSS 0.8%CVE-2022-44280MEDIUMAutomotive Shop Management System v1.0 is vulnerable to Delete any file via /asms/classes/Master.php?f=delete_img.EPSS 0.8%