Weaknesses of type CWE-22
4,792 resultsCVE-2023-26820HIGHsiteproxy v1.0 was discovered to contain a path traversal vulnerability via the component index.js.EPSS 0.8%CVE-2023-46346HIGHIn the module "Product Catalog (CSV, Excel, XML) Export PRO" (exportproducts) in versions up to 4.1.1 from MyPrestaModules for PrestaShop, aEPSS 0.8%CVE-2024-24591HIGHA path traversal vulnerability in versions 1.4.0 to 1.14.1 of the client SDK of Allegro AI’s ClearML platform enables a maliciously uploadedEPSS 0.8%CVE-2023-28163MEDIUMWhen downloading files through the Save As dialog on Windows with suggested filenames containing environment variable names, Windows would hEPSS 0.8%CVE-2023-29200MEDIUMcontao/core-bundle has path traversal vulnerability in the file managerEPSS 0.8%CVE-2024-21876CRITICALUnauthenticated Path Traversal via URL Parameter in Enphase IQ Gateway version < 8.2.4225EPSS 0.8%CVE-2025-50349HIGHPHPGurukul Pre-School Enrollment System Project V1.0 is vulnerable to Directory Traversal in update-teacher-pic.php.EPSS 0.8%CVE-2023-30855MEDIUMPimcore Path Traversal Vulnerability in AdminBundle/Controller/Reports/CustomReportController.phpEPSS 0.8%CVE-2023-38695MEDIUMcypress-image-snapshot vulnerable to insecure snapshot file namesEPSS 0.8%CVE-2016-15038MEDIUMNUUO NVRmini 2 deletefile.php path traversalEPSS 0.8%CVE-2022-25377HIGHThe ACME-challenge endpoint in Appwrite 0.5.0 through 0.12.x before 0.12.2 allows remote attackers to read arbitrary local files via ../ dirEPSS 0.8%CVE-2022-41920MEDIUMZip slip in LancetEPSS 0.8%CVE-2024-8694MEDIUMJFinalCMS com.cms.controller.admin.TemplateController update path traversalEPSS 0.8%CVE-2022-36221MEDIUMNokia Fastmile 3tg00118abad52 is affected by an authenticated path traversal vulnerability which allows attackers to read any named pipe filEPSS 0.8%CVE-2025-3520HIGHAvatar <= 0.1.4 - Authenticated (Subscriber+) Arbitrary File DeletionEPSS 0.8%CVE-2023-46645MEDIUMPath traversal in GitHub Enterprise Server leading to arbitrary file reading when building a GitHub Pages siteEPSS 0.8%CVE-2023-36819MEDIUMKnowage-Server vulnerable to Path traversal in download functionalitiesEPSS 0.8%CVE-2023-3031MEDIUMPrestahop module King-Avis - Path traversalEPSS 0.8%CVE-2023-41578—Jeecg boot up to v3.5.3 was discovered to contain an arbitrary file read vulnerability via the interface /testConnection.EPSS 0.8%CVE-2024-36814MEDIUMAn arbitrary file read vulnerability in Adguard Home before v0.107.52 allows authenticated attackers to access arbitrary files as root on thEPSS 0.8%