Weaknesses of type CWE-22
4,800 resultsCVE-2026-36848HIGHGigamon GVOS v5.16.1 and below is vulnerable to Directory Traversal in the GVOS H-VUE subsystem.EPSS 0.7%CVE-2024-1593HIGHPath Traversal via Parameter Smuggling in mlflow/mlflowEPSS 0.7%CVE-2021-47921HIGHFree Photo & Video Vault 0.0.2 Directory Traversal Vulnerability via Web RequestEPSS 0.7%CVE-2023-7077CRITICALSharp NEC Displays (P403, P463, P553, P703, P801, X554UN, X464UN, X554UNS, X464UNV, X474HB, X464UNS, X554UNV, X555UNS, X555UNV, X754HB, X554EPSS 0.7%CVE-2025-57644CRITICALAccela Automation Platform 22.2.3.0.230103 contains multiple vulnerabilities in the Test Script feature. An authenticated administrative useEPSS 0.7%CVE-2022-31475MEDIUMWordPress GiveWP plugin <= 2.20.2 - Authenticated Arbitrary File Read via Export function vulnerabilityEPSS 0.7%CVE-2025-3671HIGHWPGYM - Wordpress Gym Management System <= 67.7.0 - Authenticated (Subscriber+) Local File Inclusion to Privilege Escalation via Password UpdateEPSS 0.7%CVE-2025-65879HIGHWarehouse Management System 1.2 contains an authenticated arbitrary file deletion vulnerability. The /goods/deleteGoods endpoint accepts a uEPSS 0.7%CVE-2026-34728HIGHphpMyFAQ: Path Traversal - Arbitrary File Deletion in MediaBrowserControllerEPSS 0.7%CVE-2016-10330—Directory traversal vulnerability in synophoto_dsm_user, a SUID program, as used in Synology Photo Station before 6.5.3-3226 allows local usEPSS 0.7%CVE-2024-22231MEDIUMSyndic cache directory creation is vulnerable to a directory traversal attackEPSS 0.7%CVE-2025-9409MEDIUMlostvip-com ruoyi-go CommonController.go DownloadUpload path traversalEPSS 0.7%CVE-2024-9301HIGHA path traversal issue in E2Nest prior to commit 8a41948e553c89c56b14410c6ed395e9cfb9250aEPSS 0.7%CVE-2026-40342CRITICALFirebird: Path Traversal + Arbitrary File Write Leads to Remote Code ExecutionEPSS 0.7%CVE-2026-32140CRITICALDataease: Redshift JDBC RCE BypassEPSS 0.7%CVE-2025-56869MEDIUMDirectory traversal vulnerability in Sync In server thru 1.1.1 allowing authenticated attackers to gain read and write access to the system EPSS 0.7%CVE-2026-8023HIGHPath traversal in Zephyr HTTP server static-filesystem resource handler allows unauthenticated remote arbitrary file readEPSS 0.7%CVE-2024-8410MEDIUMABCD ABCD2 otros_sitios.php path traversalEPSS 0.7%CVE-2024-56509HIGHchangedetection.io has Improper Input Validation Leading to LFR/Path TraversalEPSS 0.7%CVE-2026-6024MEDIUMTenda i6 HTTP R7WebsSecurityHandlerfunction path traversalEPSS 0.7%