Weaknesses of type CWE-22

4,836 results
CVE-2025-48158HIGHWordPress BuddyPress XProfile Custom Image Field Plugin <= 3.0.1 - Arbitrary File Deletion VulnerabilityEPSS 0.4%CVE-2024-41373MEDIUMICEcoder 8.1 contains a Path Traversal vulnerability via lib/backup-versions-preview-loader.php.EPSS 0.4%CVE-2024-8685MEDIUMPath-Traversal vulnerability in Revolution PiEPSS 0.4%CVE-2026-7059MEDIUM666ghj MiroFish Query Parameter simulation.py get_simulation_posts path traversalEPSS 0.4%CVE-2026-7132MEDIUMcode-projects Online Lot Reservation System download.php readfile path traversalEPSS 0.4%CVE-2024-47266LOWImproper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in share file list functionality in Synology AcEPSS 0.4%CVE-2026-7217MEDIUMDeepractice PromptX Document File index.ts read_pdf absolute path traversalEPSS 0.4%CVE-2025-13677MEDIUMSimple Download Counter <= 2.2.2 - Authenticated (Administrator+) Arbitrary File Read via Path TraversalEPSS 0.4%CVE-2024-22377MEDIUMPingFederate Runtime Node Path TraversalEPSS 0.4%CVE-2025-31053HIGHWordPress KBx Pro Ultimate plugin < 8.0.5 - Arbitrary File Deletion VulnerabilityEPSS 0.4%CVE-2026-28393HIGHOpenClaw 2.0.0-beta3 < 2026.2.14 - Arbitrary JavaScript Module Loading via Hook Transform Path TraversalEPSS 0.4%CVE-2026-40876HIGHSFTP root escape via prefix-based path validation in goshsEPSS 0.4%CVE-2025-47512HIGHWordPress Tainacan plugin <= 0.21.14 - Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2026-9467MEDIUMdebugmcp mcp-debugger server.ts handleGetSourceContext path traversalEPSS 0.4%CVE-2019-1836MEDIUMCisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Symbolic Link Path Traversal VulnerabilityEPSS 0.4%CVE-2026-35050CRITICALtext-generation-webui affected by Remote Code Execution (RCE) through Path Traversal at "Session -> Save extention settings to user_data/settings.yaml".EPSS 0.4%CVE-2026-25635HIGHcalibre has a Path Traversal Leading to Arbitrary File Write and Potential Code ExecutionEPSS 0.4%CVE-2022-4982HIGHDBLTek GoIP-1 vGHSFVT-1.1-67-5 Unauthenticated LFIEPSS 0.4%CVE-2025-36236HIGHAIX Path TraversalEPSS 0.4%CVE-2026-4222MEDIUMSSCMS download PathUtils.RemoveParentPath path traversalEPSS 0.4%