Weaknesses of type CWE-22

4,794 results
CVE-2019-25480HIGHARMBot Unrestricted File Upload via upload.phpEPSS 0.7%CVE-2022-46178HIGHPath Traversal In MeterSpere allows file upload to any pathEPSS 0.7%CVE-2024-55657HIGHSiYuan has an arbitrary file read via /api/template/renderEPSS 0.7%CVE-2025-56430HIGHDirectory Traversal vulnerability in Fearless Geek Media FearlessCMS v.0.0.2-15 allows a remote attacker to cause a denial of service via thEPSS 0.7%CVE-2025-56431HIGHDirectory Traversal vulnerability in Fearless Geek Media FearlessCMS v.0.0.2-15 allows a remote attacker to cause a denial of service via thEPSS 0.7%CVE-2020-37219HIGHJoomla com_fabrik 3.9.11 Directory Traversal via image.phpEPSS 0.7%CVE-2019-1952MEDIUMCisco Enterprise NFV Infrastructure Software Path Traversal VulnerabilityEPSS 0.7%CVE-2021-47751MEDIUMCuteEditor for PHP 6.6 - Directory TraversalEPSS 0.7%CVE-2025-45145HIGHDirectory traversal in Follett Software's Destiny Library Manager 22_0_2_rc1 and fixed in v.22.5 AU1 allows remote attackers to read arbitraEPSS 0.7%CVE-2025-34022CRITICALSelea Targa IP OCR-ANPR Camera Path TraversalEPSS 0.7%CVE-2024-24934HIGHWordPress Elementor plugin <= 3.19.0 - Arbitrary File Deletion and Phar Deserialization vulnerabilityEPSS 0.7%CVE-2024-1142MEDIUMSonatype IQ Server - Path TraversalEPSS 0.7%CVE-2024-10799MEDIUMEventer <= 3.9.7 - Authenticated (Subscriber+) Arbitrary File ReadEPSS 0.7%CVE-2026-1532MEDIUMD-Link DCS-700L Music File Upload Service setUploadMusic uploadmusic path traversalEPSS 0.7%CVE-2024-13920MEDIUMOrder Export & Order Import for WooCommerce <= 2.6.0 - Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Read via download_file FunctionEPSS 0.7%CVE-2026-33054CRITICALMesop: Path Traversal utilizing `FileStateSessionBackend` leads to Application Denial of Service and File Write/DeletionEPSS 0.7%CVE-2026-4853MEDIUMJetBackup <= 3.1.19.8 - Authenticated (Administrator+) Arbitrary Directory Deletion via Path Traversal in 'fileName' ParameterEPSS 0.7%CVE-2022-45447MEDIUMPath Traversal in M4 PDF plugin for Prestashop sitesEPSS 0.7%CVE-2024-8438HIGHPath Traversal in modelscope/agentscopeEPSS 0.7%CVE-2026-31817HIGHOliveTin's unsafe parsing of UniqueTrackingId can be used to write filesEPSS 0.7%