Weaknesses of type CWE-22
4,812 resultsCVE-2024-45842MEDIUMSharp and Toshiba Tec MFPs improperly process URI data in HTTP PUT requests resulting in a path Traversal vulnerability.
Unintended internaEPSS 0.5%CVE-2023-3675MEDIUMInsufficient input validation when downloading certain file types.EPSS 0.5%CVE-2024-43221HIGHWordPress JetGridBuilder plugin <= 1.1.2 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2026-24842HIGHnode-tar Vulnerable to Arbitrary File Creation/Overwrite via Hardlink Path TraversalEPSS 0.5%CVE-2024-43345HIGHWordPress Landing Page Builder plugin <= 1.5.2.0 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2025-26753HIGHWordPress VideoWhisper Live Streaming Integration plugin <= 6.2 - Arbitrary File Download vulnerabilityEPSS 0.5%CVE-2025-54293HIGHPath Traversal in LXD Instance Log File RetrievalEPSS 0.5%CVE-2024-43232HIGHWordPress Timeline and History slider plugin <= 2.3 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2023-38708MEDIUMPimcore Path Traversal Vulnerability in AssetController:importServerFilesActionEPSS 0.5%CVE-2026-27400HIGHWordPress BookPro plugin <= 1.1.0 - Arbitrary File Deletion vulnerabilityEPSS 0.5%CVE-2026-33166HIGHAllure Report has an Arbitrary File Read via Path Traversal in Attachment Processing (Allure 1, Allure 2, and XCTest Readers)EPSS 0.5%CVE-2025-62156HIGHargo-workflows Zip Slip path traversal allows arbitrary file write and container configuration overwriteEPSS 0.5%CVE-2024-38709MEDIUMWordPress GD Rating System plugin <= 3.6 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2026-3864MEDIUMCSI Driver for NFS path traversal via subDir may delete unintended directories on the NFS serverEPSS 0.5%CVE-2025-14520MEDIUMbaowzh hfly delfile path traversalEPSS 0.5%CVE-2024-55214MEDIUMLocal File Inclusion vulnerability in dhtmlxFileExplorer v.8.4.6 allows a remote attacker to obtain sensitive information via the file downlEPSS 0.5%CVE-2026-27018HIGHGotenberg: Chromium deny-list bypass via case-insensitive URL schemeEPSS 0.5%CVE-2025-54433HIGHBugsink is vulnerable to Path Traversal attacks via event_id in ingestionEPSS 0.5%CVE-2025-2817HIGHPrivilege escalation in Thunderbird UpdaterEPSS 0.5%CVE-2025-58470LOWQsync CentralEPSS 0.5%