Weaknesses of type CWE-22

4,828 results
CVE-2024-7248HIGHComodo Internet Security Pro Directory Traversal Local Privilege Escalation VulnerabilityEPSS 0.5%CVE-2024-10313HIGHiniNet Solutions SpiderControl SCADA PC HMI Editor Path TraversalEPSS 0.5%CVE-2025-43537LOWA path handling issue was addressed with improved validation. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2.EPSS 0.5%CVE-2026-45727HIGHCloakBrowser: Unauthenticated path traversal via fingerprint parameter in cloakserve leads to arbitrary directory deletionEPSS 0.5%CVE-2025-64433MEDIUMKubeVirt Arbitrary Container File ReadEPSS 0.5%CVE-2025-31070HIGHWordPress HTML5 Radio Player - WPBakery Page Builder Addon plugin <= 2.5 - Arbitrary File Download vulnerabilityEPSS 0.5%CVE-2025-30207LOWKirby vulnerable to path traversal in the router for PHP's built-in serverEPSS 0.5%CVE-2023-46237MEDIUMFOG path traversal via unauthenticated endpointEPSS 0.5%CVE-2026-6832HIGHNesquena Hermes WebUI Arbitrary File Deletion via Unvalidated session_idEPSS 0.5%CVE-2025-28955HIGHWordPress Easy Video Player Wordpress & WooCommerce plugin <= 10.0 - Arbitrary File Download VulnerabilityEPSS 0.5%CVE-2024-2552MEDIUMPAN-OS: Arbitrary File Delete Vulnerability in the Command Line Interface (CLI)EPSS 0.5%CVE-2025-48387HIGHtar-fs has issue where extract can write outside the specified dir with a specific tarballEPSS 0.5%CVE-2026-11595MEDIUMIBM WebSphere Application Server is affected by a Path Traversal vulnerabilityEPSS 0.5%CVE-2024-47351HIGHWordPress MaxSlider plugin <= 1.2.3 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2026-52811CRITICALGogs: UploadRepoFiles writes outside repo working tree via committed parent symEPSS 0.5%CVE-2025-8433MEDIUMcode-projects Document Management System dell.php unlink path traversalEPSS 0.5%CVE-2024-4576MEDIUMTIBCO EBX File Inclusion VulnerabilityEPSS 0.5%CVE-2025-61941HIGHA path traversal issue exists in WXR9300BE6P series firmware versions prior to Ver.1.10. Arbitrary file may be altered by an administrative EPSS 0.5%CVE-2025-8081MEDIUMElementor <= 3.30.2 - Authenticated (Administrator+) Arbitrary File Read via Image ImportEPSS 0.5%CVE-2026-14352HIGHAR for WooCommerce <= 8.40 - Unauthenticated Path Traversal to Arbitrary File Read via 'file' ParameterEPSS 0.5%