Weaknesses of type CWE-22
4,806 resultsCVE-2025-25223MEDIUMThe LuxCal Web Calendar prior to 5.3.3M (MySQL version) and prior to 5.3.3L (SQLite version) contains a path traversal vulnerability in dloaEPSS 0.6%CVE-2024-6445CRITICALAuthenticated Local File Inclusion (LFI) in DataFlowX's DataDiodeXEPSS 0.6%CVE-2024-29196LOWphpMyFAQ Path Traversal in AttachmentsEPSS 0.6%CVE-2025-27837CRITICALAn issue was discovered in Artifex Ghostscript before 10.05.0. Access to arbitrary files can occur through a truncated path with invalid UTFEPSS 0.6%CVE-2025-20051CRITICALArbitrary file read via block duplication in Mattermost BoardsEPSS 0.6%CVE-2025-25284HIGHPath Traversal and Local File Read via VRT (Virtual Format) in ZOO-Project WPS ImplementationEPSS 0.6%CVE-2025-2363MEDIUMlenve VBlog ArticleController.java uploadImg path traversalEPSS 0.6%CVE-2025-30910HIGHWordPress CM Download Manager plugin <= 2.9.6 - Arbitrary File Deletion vulnerabilityEPSS 0.6%CVE-2022-39178MEDIUMWebvendome - webvendome Internal Server IP DisclosureEPSS 0.6%CVE-2026-2672MEDIUMTsinghua Unigroup Electronic Archives System downLoad download path traversalEPSS 0.6%CVE-2026-4660HIGHGo-getter may allow to arbitrary filesystem reads through git operationsEPSS 0.6%CVE-2023-45383HIGHIn the module "SoNice etiquetage" (sonice_etiquetage) up to version 2.5.9 from Common-Services for PrestaShop, a guest can download personalEPSS 0.6%CVE-2018-25178HIGHEasyndexer 1.0 Arbitrary File Download via showtif.phpEPSS 0.6%CVE-2026-9559CRITICALA path traversal vulnerability exists in the campaign import feature of Mautic 7. When extracting uploaded ZIP files during campaign importsEPSS 0.6%CVE-2023-35069HIGHPath Traversal in BullwarkEPSS 0.6%CVE-2021-25367LOWPath Traversal vulnerability in Samsung Notes prior to version 4.2.00.22 allows attackers to access local files without permission.EPSS 0.6%CVE-2024-23540MEDIUMHCL BigFix Inventory is vulnerable to path traversalEPSS 0.6%CVE-2024-32830HIGHWordPress buddyforms plugin <= 2.8.8- Arbitrary File Read and SSRF vulnerabilityEPSS 0.6%CVE-2026-35397HIGHjupyter-server path traversal allows access to sibling directories sharing root_dir name prefixEPSS 0.6%CVE-2024-43140HIGHWordPress Ultimate Bootstrap Elements for Elementor plugin <= 1.4.4 - Local File Inclusion vulnerabilityEPSS 0.6%