Weaknesses of type CWE-22
4,833 resultsCVE-2024-43373HIGHwebcrack has an Arbitrary File Write Vulnerability on Windows when Parsing and Saving a Malicious BundleEPSS 0.4%CVE-2026-13528MEDIUMYunaiV/zhijiantianya ruoyi-vue-pro AppFileController File Upload Endpoint FileServiceImpl.java generateUploadPath path traversalEPSS 0.4%CVE-2025-59384HIGHQfilingEPSS 0.4%CVE-2024-38717HIGHWordPress Booking Ultra Pro Appointments Booking Calendar plugin <= 1.1.13 - Local File Inclusion vulnerabilityEPSS 0.4%CVE-2026-39859MEDIUMLiquidJS has a renderFile() / parseFile() bypass configured root and allow arbitrary file readEPSS 0.4%CVE-2025-13972MEDIUMWatchTowerHQ <= 3.16.0 - Authenticated (Administrator+) Arbitrary File Read via 'wht_download_big_object_origin' ParameterEPSS 0.4%CVE-2025-10283CRITICALImproper .git Sanitization in gitdumper Enables RCEEPSS 0.4%CVE-2026-48777CRITICALFileBrowser Quantum: Path Traversal in public share PATCH allows file ops outside shared directoryEPSS 0.4%CVE-2026-30351HIGHA path traversal vulnerability in the UI/static component of leonvanzyl autocoder commit 79d02a allows attackers to read arbitrary files viaEPSS 0.4%CVE-2023-47221MEDIUMPhoto StationEPSS 0.4%CVE-2023-41291MEDIUMQuFirewallEPSS 0.4%CVE-2026-3666HIGHwpForo Forum <= 2.4.16 - Authenticated (Subscriber+) Arbitrary File Deletion via Post BodyEPSS 0.4%CVE-2024-54169MEDIUMIBM EntireX path traversalEPSS 0.4%CVE-2025-49448HIGHWordPress FW Food Menu plugin <= 6.0.0 - Arbitrary File Deletion VulnerabilityEPSS 0.4%CVE-2023-2971MEDIUMTypora Local File DisclosureEPSS 0.4%CVE-2025-30270MEDIUMQTS, QuTS heroEPSS 0.4%CVE-2025-33038HIGHQsync CentralEPSS 0.4%CVE-2024-34808MEDIUMWordPress JCH Optimize plugin <= 4.2.0 - Path Traversal vulnerabilityEPSS 0.4%CVE-2025-30271MEDIUMQTS, QuTS heroEPSS 0.4%CVE-2025-33033HIGHQsync CentralEPSS 0.4%