Weaknesses of type CWE-22
4,809 resultsCVE-2024-51958MEDIUMDirectory traversal vulnerability in the admin api for service thumbnailsEPSS 0.6%CVE-2024-34521LOWA directory traversal vulnerability exists in the Mavenir SCE Application Provisioning Portal, version PORTAL-LBS-R_1_0_24_0, which allows aEPSS 0.6%CVE-2024-52600MEDIUMStatamic CMS has Path Traversal in Asset UploadEPSS 0.6%CVE-2025-58162MEDIUMMobSF Vulnerable to Arbitrary File Write (AR-Slip) via Absolute Path in .a ExtractionEPSS 0.6%CVE-2024-6789HIGHPath traversal in M-Files APIEPSS 0.6%CVE-2024-51756LOWcap-std doesn't fully sandbox all the Windows device filenamesEPSS 0.6%CVE-2024-33557HIGHWordPress XStore Core plugin <= 5.3.8 - Local File Inclusion vulnerabilityEPSS 0.6%CVE-2024-52964MEDIUMAn Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiManager version 7.EPSS 0.6%CVE-2024-35712MEDIUMWordPress Database Cleaner: Clean, Optimize & Repair plugin <= 1.0.5 - Arbitrary File Read vulnerabilityEPSS 0.6%CVE-2026-35174CRITICALChyrp Lite has a Path Traversal to Remote Code ExecutionEPSS 0.6%CVE-2025-26905HIGHWordPress Estatik plugin <= 4.3.0 - Local File Inclusion vulnerabilityEPSS 0.6%CVE-2025-62356HIGHA path traversal vulnerability in all versions of the Qodo Qodo Gen IDE enables a threat actor to read arbitrary local files in and outside EPSS 0.6%CVE-2023-25305HIGHPolyMC Launcher <= 1.4.3 is vulnerable to Directory Traversal. A mrpack file can be maliciously crafted to create arbitrary files outside ofEPSS 0.6%CVE-2025-10951MEDIUMgeyang ml-logger server.py log_handler path traversalEPSS 0.6%CVE-2026-9197MEDIUMSmart Slider 3 <= 3.5.1.36 - Authenticated (Administrator+) Path Traversal to Arbitrary File Read via 'src'/'srcset' Attribute in HTML ExportEPSS 0.6%CVE-2024-52448HIGHWordPress Ultimate Classified Listings plugin <= 1.7 - Local File Inclusion vulnerabilityEPSS 0.6%CVE-2022-3939MEDIUMlanyulei ferry API file.go path traversalEPSS 0.6%CVE-2024-35745HIGHWordPress Strategery Migrations plugin <= 1.0 - Arbitrary File Deletion vulnerabilityEPSS 0.6%CVE-2026-40075HIGHOpenMRS Core arbitrary file read via path traversal in ModuleResourcesServletEPSS 0.6%CVE-2026-29871HIGHA path traversal vulnerability exists in the awesome-llm-apps project in commit e46690f99c3f08be80a9877fab52acacf7ab8251 (2026-01-19) in theEPSS 0.6%