Weaknesses of type CWE-22
4,792 resultsCVE-2024-36814MEDIUMAn arbitrary file read vulnerability in Adguard Home before v0.107.52 allows authenticated attackers to access arbitrary files as root on thEPSS 0.8%CVE-2024-35428HIGHZKTeco ZKBio CVSecurity 6.1.1 is vulnerable to Directory Traversal via BaseMediaFile. An authenticated user can delete local files from the EPSS 0.8%CVE-2025-11031MEDIUMDataTables examples.php path traversalEPSS 0.8%CVE-2024-49766MEDIUMWerkzeug safe_join not safe on WindowsEPSS 0.8%CVE-2026-3695MEDIUMSourceCodester Modern Image Gallery App delete.php path traversalEPSS 0.8%CVE-2022-23470HIGHArbitrary file access in the Galaxy data analysis platformEPSS 0.8%CVE-2025-5391HIGHWooCommerce Purchase Orders <= 1.0.2 - Authenticated (Subscriber+) Arbitrary File DeletionEPSS 0.8%CVE-2022-2653HIGHPath Traversal in plankanban/plankaEPSS 0.8%CVE-2020-12508HIGHs::can moni::tools prone to path traversal in image-relocator moduleEPSS 0.8%CVE-2021-37532MEDIUMSAP Business One version - 10, due to improper input validation, allows an authenticated User to gain access to directory and view the conteEPSS 0.8%CVE-2020-12509HIGHs::can moni::tools prone to path traversal in camera-file moduleEPSS 0.8%CVE-2018-25374HIGHSoftneta MedDream PACS Server Premium 6.7.1.1 Directory TraversalEPSS 0.8%CVE-2018-25365HIGHPCViewer vt1000 Directory Traversal via GET RequestEPSS 0.8%CVE-2021-20030HIGHSonicWall GMS is vulnerable to file path manipulation resulting that an unauthenticated attacker can gain access to web directory containingEPSS 0.8%CVE-2025-47952LOWTraefik allows path traversal using url encodingEPSS 0.8%CVE-2023-41682HIGHA improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiSandbox 4.4.0, FortiSandbox EPSS 0.8%CVE-2024-8876MEDIUMxiaohe4966 TpMeCMS lang path traversalEPSS 0.8%CVE-2025-11913MEDIUMShenzhen Ruiming Technology Streamax Crocus Service.do download path traversalEPSS 0.8%CVE-2025-34154CRITICALUnForm Server Manager < 10.1.12 Unauthenticated Arbitrary File ReadEPSS 0.8%CVE-2026-33046HIGHIndico discloses local files resulting in Remote Code Execution through LaTeX injectionEPSS 0.8%