Weaknesses of type CWE-22

4,809 results
CVE-2026-49290HIGHSlopsmith has path traversal in archive extractors that allows arbitrary file write → potential RCEEPSS 0.6%CVE-2025-24019HIGHYesWiki vulnerable to authenticated arbitrary file deletionEPSS 0.6%CVE-2024-42474MEDIUMStreamlit Path Traversal Security Vulnerability on WindowsEPSS 0.6%CVE-2023-5588LOWkphrx pleroma pack.ex Pleroma.Emoji.Pack path traversalEPSS 0.6%CVE-2024-34384MEDIUMWordPress Sina Extension for Elementor plugin <= 3.5.1 - Local File Inclusion vulnerabilityEPSS 0.6%CVE-2024-43129MEDIUMWordPress BetterDocs plugin <= 3.5.8 - Local File Inclusion vulnerabilityEPSS 0.6%CVE-2026-45233HIGHHTMLy CMS 3.1.1 Path Traversal via oldfile Parameter in AutosaveEPSS 0.6%CVE-2023-47178HIGHWordPress The Plus Addons for Elementor Pro plugin <= 5.2.8 - Unauthenticated Local File Inclusion vulnerabilityEPSS 0.6%CVE-2024-25620MEDIUMDependency management path traversal in helmEPSS 0.6%CVE-2026-44650CRITICALSillyTavern: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')EPSS 0.6%CVE-2026-33195HIGHRails Active Storage has possible Path Traversal in DiskServiceEPSS 0.6%CVE-2026-42075HIGHEvolver: Path Traversal via `--out` flag in `fetch` command allows Arbitrary File WriteEPSS 0.6%CVE-2024-35778MEDIUMWordPress Slideshow SE plugin <= 2.5.17 - Auth. Limited Local File Inclusion vulnerabilityEPSS 0.6%CVE-2024-43957MEDIUMWordPress Animated Number Counters plugin <= 1.9 - Editor+ Limited Local File Inclusion vulnerabilityEPSS 0.6%CVE-2024-45593CRITICALNix affected by unsafe NAR unpackingEPSS 0.6%CVE-2024-49315HIGHWordPress FREE DOWNLOAD MANAGER plugin <= 1.0.0 - Arbitrary File Deletion vulnerabilityEPSS 0.6%CVE-2026-25785CRITICALPath traversal vulnerability exists in Lanscope Endpoint Manager (On-Premises) Sub-Manager Server Ver.9.4.7.3 and earlier, which may allow aEPSS 0.6%CVE-2026-25559HIGHOpenBullet2 0.3.2 Path Traversal via Wordlist EndpointEPSS 0.6%CVE-2026-33183HIGHSaloon has a Fixture Name Path Traversal VulnerabilityEPSS 0.6%CVE-2026-25116HIGHRuntipi vulnerable to unauthenticated docker-compose.yml Overwrite via Path TraversalEPSS 0.6%