Weaknesses of type CWE-22
4,805 resultsCVE-2026-30942HIGHFlare has a Path Traversal in /api/avatars/[filename]EPSS 0.6%CVE-2022-20677MEDIUMCisco IOx Application Hosting Environment VulnerabilitiesEPSS 0.6%CVE-2024-12718MEDIUMBypass extraction filter to modify file metadata outside extraction directoryEPSS 0.6%CVE-2026-44885MEDIUMPortainer: Path traversal in backup archive extraction allows arbitrary file writeEPSS 0.6%CVE-2026-34653HIGHAdobe Commerce | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)EPSS 0.6%CVE-2026-7774MEDIUMtarfile.data_filter path traversal bypass allows writing outside the extraction directoryEPSS 0.6%CVE-2025-30582HIGHWordPress DyaPress ERP/CRM plugin <= 18.0.2.0 - Local File Inclusion VulnerabilityEPSS 0.6%CVE-2025-34248HIGHD-Link Nuclias Connect < v1.3.1.4 Directory Traversal to Arbitrary File DeletionEPSS 0.6%CVE-2024-26129MEDIUMPrestashop vulnerable to path disclosure in JavaScript variableEPSS 0.6%CVE-2023-44395MEDIUMAutolab has Path Traversal vulnerability in Assessment functionalityEPSS 0.6%CVE-2024-35743HIGHWordPress SC filechecker plugin <= 0.6 - Arbitrary File Deletion vulnerabilityEPSS 0.6%CVE-2024-41971HIGHWAGO: Arbitrary File Overwrite in Multiple DevicesEPSS 0.6%CVE-2024-35744HIGHWordPress Upunzipper plugin <= 1.0.0 - Arbitrary File Deletion vulnerabilityEPSS 0.6%CVE-2024-37419HIGHWordPress Cowidgets – Elementor Addons plugin <= 1.1.1 - Local File Inclusion vulnerabilityEPSS 0.6%CVE-2024-8941HIGHPath Traversal vulnerability on ScriptcaseEPSS 0.6%CVE-2024-43955CRITICALWordPress Droip plugin <= 1.1.1 - Unauthenticated Arbitrary File Download/Deletion vulnerabilityEPSS 0.6%CVE-2026-25069CRITICALSunFounder Pironman Dashboard <= 1.3.13 Path Traversal Arbitrary File Read/DeletionEPSS 0.6%CVE-2020-37077MEDIUMBooked Scheduler 2.7.7 - Authenticated Directory TraversalEPSS 0.6%CVE-2025-58693MEDIUMAn improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, EPSS 0.6%CVE-2025-4946HIGHVikinger <= 1.9.32 - Authenticated (Subscriber+) Arbitrary File Deletion via vikinger_delete_activity_media_ajax FunctionEPSS 0.6%