Weaknesses of type CWE-22
4,793 resultsCVE-2024-29434HIGHAn issue in the system image upload interface of Alldata v0.4.6 allows attackers to execute a directory traversal when uploading a file.EPSS 0.7%CVE-2024-34471MEDIUMAn issue was discovered in HSC Mailinspector 5.2.17-3. A Path Traversal vulnerability (resulting in file deletion) exists in the mliRealtimeEPSS 0.7%CVE-2025-6439CRITICALWooCommerce Designer Pro <= 1.9.26 - Unauthenticated Arbitrary File DeletionEPSS 0.7%CVE-2023-3385MEDIUMImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in GitLabEPSS 0.7%CVE-2026-1311HIGHWorry Proof Backup <= 0.2.4 - Authenticated (Subscriber+) Path Traversal via Backup UploadEPSS 0.7%CVE-2021-41127HIGHMaliciously Crafted Model Archive Can Lead To Arbitrary File Write in rasaEPSS 0.7%CVE-2022-43753MEDIUMSUMA/UYUNI arbitrary file disclosure vulnerability in ScapResultDownloadEPSS 0.7%CVE-2024-56198CRITICALpath-sanitizer allows bypassing the existing filters to achieve path-traversal vulnerabilityEPSS 0.7%CVE-2026-1776MEDIUMCamaleon CMS AWS Uploader Authenticated Path Traversal Arbitrary File ReadEPSS 0.7%CVE-2026-43975MEDIUMApache Wicket: Possible malicious path traversal in FolderUploadsFileManagerEPSS 0.7%CVE-2024-2224HIGHPrivilege Escalation via the GravityZone productManager UpdateServer.KitsManager API (VA-11466)EPSS 0.7%CVE-2026-23954HIGHIncus container image templating arbitrary host file read and writeEPSS 0.7%CVE-2025-67684CRITICALRemote Code Execution via Local File Inclusion in Quick.CartEPSS 0.7%CVE-2025-53906MEDIUMVim has path traversal issue with zip.vim and special crafted zip archivesEPSS 0.7%CVE-2025-58161LOWMobSF Path Traversal in GET /download/<filename> using absolute filenamesEPSS 0.7%CVE-2023-49793MEDIUMPath traversal in `CodeChecker server` in the endpoint of `CodeChecker store`EPSS 0.7%CVE-2024-47820MEDIUMMarkUs vulnerable to Path TraversalEPSS 0.7%CVE-2025-6379HIGHBeeTeam368 Extensions Pro <= 2.3.4 - Authenticated (Subscriber+) Directory Traversal to Arbitrary File DeletionEPSS 0.7%CVE-2022-38731MEDIUMQaelum DOSE 18.08 through 21.1 before 21.2 allows Directory Traversal via the loadimages name parameter. It allows a user to specify an arbiEPSS 0.7%CVE-2023-24689MEDIUMAn issue in Mojoportal v2.7.0.0 and below allows an authenticated attacker to list all css files inside the root path of the webserver via mEPSS 0.7%