Weaknesses of type CWE-22
4,809 resultsCVE-2024-51966MEDIUMDirectory traversal vulnerability in ArcGIS ServerEPSS 0.6%CVE-2025-0823MEDIUMIBM MQ path traversalEPSS 0.6%CVE-2024-33535HIGHAn issue was discovered in Zimbra Collaboration (ZCS) 9.0 and 10.0. The vulnerability involves unauthenticated local file inclusion (LFI) inEPSS 0.6%CVE-2024-39619CRITICALWordPress ListingPro plugin <= 2.9.4 - Unauthenticated Local File Inclusion vulnerabilityEPSS 0.6%CVE-2023-25303HIGHATLauncher <= 3.4.26.0 is vulnerable to Directory Traversal. A mrpack file can be maliciously crafted to create arbitrary files outside of tEPSS 0.6%CVE-2023-4990HIGHDirectory traversal vulnerability in MCL-Net versions prior to 4.6 Update Package (P01) may allow attackers to read arbitrary files.EPSS 0.6%CVE-2024-43271HIGHWordPress Widgets for WooCommerce Products on Elementor plugin <= 2.0.0 - Local File Inclusion vulnerabilityEPSS 0.6%CVE-2024-8262CRITICALPath Traversal in Proliz Software's OBSEPSS 0.6%CVE-2026-22448HIGHWordPress PitchPrint plugin <= 11.1.2 - Arbitrary File Deletion vulnerabilityEPSS 0.6%CVE-2025-6855MEDIUMchatchat-space Langchain-Chatchat file path traversalEPSS 0.6%CVE-2025-13816MEDIUMmoxi159753 Mogu Blog v2 ZIP File unzipFile FileOperation.unzip path traversalEPSS 0.6%CVE-2026-22877LOWCopeland XWEB and XWEB Pro Path TraversalEPSS 0.6%CVE-2025-67963HIGHWordPress Movie Booking plugin <= 1.1.5 - Arbitrary File Deletion vulnerabilityEPSS 0.6%CVE-2025-68155HIGH@vitejs/plugin-rsc has Arbitrary File Read via `/__vite_rsc_findSourceMapURL` Endpoint on DevelopmentEPSS 0.6%CVE-2026-14628MEDIUMNousResearch hermes-agent Live Webhook Endpoint base.py extract_media path traversalEPSS 0.6%CVE-2024-34712MEDIUMOceanic allows unsanitized user input to lead to path traversal in URLsEPSS 0.6%CVE-2021-45448HIGHPentaho Business Analytics Server - Pentaho Analyzer plugin exposes a service endpoint for templates which allows a user supplied path to access resources that are out of bounds.EPSS 0.6%CVE-2024-27102CRITICALImproper isolation of server file access in github.com/pterodactyl/wingsEPSS 0.5%CVE-2024-52378HIGHWordPress DigiPass plugin <= 0.3.0 - Arbitrary File Download vulnerabilityEPSS 0.5%CVE-2025-20344MEDIUMCisco Nexus Dashboard Path Traversal VulnerabilityEPSS 0.5%