Weaknesses of type CWE-22

4,801 results
CVE-2020-36647MEDIUMYunoHost-Apps transmission_ynh nginx.conf path traversalEPSS 0.7%CVE-2026-26984HIGHLORIS media module vulnerable to remote code executionEPSS 0.7%CVE-2025-67742LOWIn JetBrains TeamCity before 2025.11 path traversal was possible via file uploadEPSS 0.7%CVE-2023-42229MEDIUMPat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal. Arbitrary files can be created on the system via auEPSS 0.7%CVE-2024-52056MEDIUMApplication Delete Path Traversal in Wowza Streaming EngineEPSS 0.7%CVE-2026-35485HIGHtext-generation-webui has a Path Traversal in load_grammar() — arbitrary file read without authenticationEPSS 0.7%CVE-2024-24122CRITICALA remote code execution vulnerability in the project management of Wanxing Technology's Yitu project which allows an attacker to use the expEPSS 0.7%CVE-2021-3806MEDIUMPath Traversal in Pardus Software CenterEPSS 0.7%CVE-2024-37046LOWQTS, QuTS heroEPSS 0.7%CVE-2024-37043MEDIUMQTS, QuTS heroEPSS 0.7%CVE-2025-11139MEDIUMBjskzy Zhiyou ERP com.artery.form.services.FormStudioUpdater uploadStudioFile path traversalEPSS 0.7%CVE-2025-15589MEDIUMMuYuCMS Template Management Template.php delete_dir_file path traversalEPSS 0.7%CVE-2024-6759MEDIUMNFS client accepts file names containing path separatorsEPSS 0.7%CVE-2024-37497HIGHWordPress JetThemeCore plugin < 2.2.1 - Subscriber+ Arbitrary File Deletion vulnerabilityEPSS 0.7%CVE-2026-9351MEDIUMNousResearch hermes-agent read_file Tool file_tools.py _is_blocked_device path traversalEPSS 0.7%CVE-2023-37888HIGHWordPress Phlox Core Elements plugin <= 2.14.0 - Unauthenticated Local File Inclusion vulnerabilityEPSS 0.7%CVE-2024-54375HIGHWordPress Woolook plugin <= 1.7.0 - Local File Inclusion vulnerabilityEPSS 0.7%CVE-2024-54380HIGHWordPress WP Cookies Enabler plugin <= 1.0.1 - Local File Inclusion vulnerabilityEPSS 0.7%CVE-2024-44720HIGHSeaCMS v13.1 was discovered to an arbitrary file read vulnerability via the component admin_safe.php.EPSS 0.7%CVE-2025-3740HIGHSchool Management System for Wordpress <= 93.1.0 - Authenticated (Subscriber+) Local File Inclusion to Privilege Escalation via Password UpdateEPSS 0.7%