Weaknesses of type CWE-22

4,830 results
CVE-2025-34047HIGHLeadsec VPN Path Traversal Arbitrary File ReadEPSS 0.5%CVE-2025-36530MEDIUMImport Path Traversal Enables Unauthorized Unsigned Plugin InstallationEPSS 0.5%CVE-2024-35081HIGHLuckyFrameWeb v3.5.2 was discovered to contain an arbitrary file deletion vulnerability via the fileName parameter in the fileDownload methoEPSS 0.5%CVE-2025-48124HIGHWordPress Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light plugin <= 2.4.37 - Arbitrary File Download VulnerabilityEPSS 0.5%CVE-2025-13698MEDIUMDeciso OPNsense diag_backup.php filename Directory Traversal Arbitrary File Creation VulnerabilityEPSS 0.5%CVE-2013-10046HIGHAgnitum Outpost Internet Security Local Privilege EscalationEPSS 0.5%CVE-2025-31635HIGHWordPress CLEVER plugin <= 2.6 - Arbitrary File Download VulnerabilityEPSS 0.5%CVE-2025-35430MEDIUMCISA Thorium insecure downloaded file path validationEPSS 0.5%CVE-2025-31050HIGHWordPress Apptha Slider Gallery plugin <= 2.5 - Arbitrary File Read vulnerabilityEPSS 0.5%CVE-2025-4898MEDIUMSourceCodester Student Result Management System Logo File update_system.php unlink path traversalEPSS 0.5%CVE-2026-54094HIGHFile Browser: Symlink following lets scoped users read, overwrite, and share files outside their filebrowser scopeEPSS 0.5%CVE-2023-41302Redirection permission verification vulnerability in the home screen module. Successful exploitation of this vulnerability may cause featureEPSS 0.5%CVE-2026-1616HIGHosim: Path Traversal via query parameters in Nginx configurationEPSS 0.5%CVE-2025-62449MEDIUMMicrosoft Visual Studio Code CoPilot Chat Extension Security Feature Bypass VulnerabilityEPSS 0.5%CVE-2023-41290MEDIUMQuFirewallEPSS 0.5%CVE-2026-7235MEDIUMErlichLiu claude-agent-sdk-master route.ts path traversalEPSS 0.5%CVE-2025-47511MEDIUMWordPress Welcart e-Commerce plugin <= 2.11.13 - Arbitrary File Deletion VulnerabilityEPSS 0.5%CVE-2025-69128HIGHWordPress JobCareer theme <= 7.3 - Arbitrary File Deletion vulnerabilityEPSS 0.5%CVE-2019-10152HIGHA path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. An attacEPSS 0.5%CVE-2019-25727CRITICALWordPress Plugin ad manager wd 1.0.11 Arbitrary File DownloadEPSS 0.5%