Weaknesses of type CWE-22
4,806 resultsCVE-2024-52363MEDIUMIBM InfoSphere Information Server directory traversalEPSS 0.6%CVE-2023-34216HIGHSecond Order Command-injection Vulnerability in the Key-delete FunctionEPSS 0.6%CVE-2024-34762CRITICALWordpress Advanced Custom Fields Pro plugin < 6.2.10 - Contributor+ Local File Inclusion vulnerabilityEPSS 0.6%CVE-2024-35658HIGHWordPress Checkout Field Editor for WooCommerce (Pro) plugin <= 3.6.2 - Unauthenticated Arbitrary File Deletion vulnerabilityEPSS 0.6%CVE-2024-43248HIGHWordPress Bit Form Pro plugin <= 2.6.4 - Unauthenticated Arbitrary File Deletion vulnerabilityEPSS 0.6%CVE-2025-34048HIGHD-Link DSL-2730U/2750U/2750E Path Traversal Arbitrary File ReadEPSS 0.6%CVE-2024-51990CRITICALPath traversal via crafted Git repositories in jjEPSS 0.6%CVE-2024-37928HIGHWordPress Jobmonster theme <= 4.7.0 - Unauthenticated Arbitrary File Deletion vulnerabilityEPSS 0.6%CVE-2025-12496MEDIUMZephyr Project Manager <= 3.3.203 - Authenticated (Custom+) Arbitrary File Read And Server-Side Request ForgeryEPSS 0.6%CVE-2026-24469HIGHC++ HTTP Server has Critical Path Traversal Vulnerability in RequestHandler Allowing Arbitrary File ReadEPSS 0.6%CVE-2024-37932HIGHWordPress Woocommerce OpenPos plugin <= 6.4.4 - Unauthenticated Arbitrary File Deletion vulnerabilityEPSS 0.6%CVE-2024-36079MEDIUMAn issue was discovered in Vaultize 21.07.27. When uploading files, there is no check that the filename parameter is correct. As a result, aEPSS 0.6%CVE-2025-54450HIGHImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allowEPSS 0.6%CVE-2021-22685MEDIUMCassia Networks Access Controller Path TraversalEPSS 0.6%CVE-2026-31379MEDIUMApache OFBiz: Path Traversal and File Upload Validation Bypass Leading to Arbitrary File Write, Stored XSS and RCE in Catalog ManagerEPSS 0.6%CVE-2024-35308HIGHPost-auth Arbitrary File Read in the Server Plugins SectionEPSS 0.6%CVE-2026-3987HIGHWatchGuard Firebox Arbitrary File Write vis Path Traversal in Fireware Web UIEPSS 0.6%CVE-2023-31166MEDIUMImproper Limitation of a Pathname to a Restricted DirectoryEPSS 0.6%CVE-2023-45652MEDIUMWordPress Remote Content Shortcode plugin <= 1.5 - Local File Inclusion vulnerabilityEPSS 0.6%CVE-2025-15036CRITICALPath Traversal Vulnerability in mlflow/mlflowEPSS 0.6%