Weaknesses of type CWE-22
4,793 resultsCVE-2025-27787HIGHApplio allows a DoS in restart.pyEPSS 0.7%CVE-2023-0290MEDIUMRapid7 Velociraptor directory traversal in client ID parameter EPSS 0.7%CVE-2025-29847HIGHApache Linkis: Arbitrary File Read via Double URL Encoding BypassEPSS 0.7%CVE-2023-2880HIGHFrauscher Sensortechnik Diagnostic System FDS001 for FAdC/FAdCi Path Traversal vulnerabilityEPSS 0.7%CVE-2023-4152HIGHFrauscher FDS101 for FAdC/FAdCi path traversal vulnerabilityEPSS 0.7%CVE-2026-9725CRITICALPrintcart Web to Print Product Designer for WooCommerce <= 2.5.2 - Unauthenticated Arbitrary File DeletionEPSS 0.7%CVE-2026-32060HIGHOpenClaw < 2026.2.14 - Path Traversal in apply_patch via Crafted PathsEPSS 0.7%CVE-2022-45852MEDIUMWordPress WP-FormAssembly plugin <= 2.0.5 - Auth. Arbitrary File Read vulnerabilityEPSS 0.7%CVE-2024-36059CRITICALDirectory Traversal vulnerability in Kalkitech ASE ASE61850 IEDSmart upto and including version 2.3.5 allows attackers to read/write arbitraEPSS 0.7%CVE-2023-31181HIGH WJJ Software - InnoKB Server, InnoKB/Console 2.2.1 - CWE-22: Path TraversalEPSS 0.7%CVE-2018-25308HIGHBuddyPress Xprofile Custom Fields Type 2.6.3 Arbitrary File DeletionEPSS 0.7%CVE-2024-21753MEDIUMA improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiClientEMS versions 7.2.0 through 7.2.4, 7.EPSS 0.7%CVE-2026-33513HIGHAVideo has an Unauthenticated Local File Inclusion in API locale (RCE possible with writable PHP)EPSS 0.7%CVE-2022-4885MEDIUMsviehb jefferson path traversalEPSS 0.7%CVE-2024-31394MEDIUMDirectory traversal vulnerability exists in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.12, Ver.3.0.x series versions prior to VerEPSS 0.7%CVE-2026-27819HIGHVikunja has Path Traversal in CLI RestoreEPSS 0.7%CVE-2024-54373HIGHWordPress EduAdmin Booking plugin <= 5.2.0 - Local File Inclusion vulnerabilityEPSS 0.7%CVE-2025-0632CRITICALLocal File Inclusion (LFI) leading to sensitive data exposureEPSS 0.7%CVE-2026-30996HIGHAn issue in the file handling logic of the component download.php of SAC-NFe v2.0.02 allows attackers to execute a directory traversal and rEPSS 0.7%CVE-2023-7335HIGHEduSoho < 22.4.7 Arbitrary File Read via classroom-course-statisticsEPSS 0.7%