Weaknesses of type CWE-22
4,728 resultsCVE-2021-21879CRITICALA directory traversal vulnerability exists in the Web Manager File Upload functionality of Lantronix PremierWave 2050 8.9.0.0R4. A speciallyEPSS 3.7%CVE-2025-12055HIGHUnauthenticated Local File Disclosure in MPDV Mikrolab MIP 2 / FEDRA 2 / HYDRA X Manufacturing Execution SystemEPSS 3.7%CVE-2023-0947HIGHPath Traversal in flatpressblog/flatpressEPSS 3.6%CVE-2021-40745HIGHAdobe Campaign Path Traversal Leads to Information ExposureEPSS 3.6%CVE-2017-6652—A vulnerability in the web framework of the Cisco TelePresence IX5000 Series could allow an unauthenticated, remote attacker to access arbitEPSS 3.6%CVE-2024-35219HIGHOpenAPI Generator Online - Arbitrary File Read/DeleteEPSS 3.6%CVE-2023-27640HIGHAn issue was discovered in the tshirtecommerce (aka Custom Product Designer) component 2.1.4 for PrestaShop. An HTTP request can be forged wEPSS 3.6%CVE-2018-13812—A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15 Update 4), SIMATIC HMI Comfort Outdoor PanelsEPSS 3.6%CVE-2023-27639HIGHAn issue was discovered in the tshirtecommerce (aka Custom Product Designer) component 2.1.4 for PrestaShop. An HTTP request can be forged wEPSS 3.6%CVE-2017-11511—The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname used in the filEPSS 3.5%CVE-2022-50932HIGHKyocera Command Center RX ECOSYS M2035dn - Directory Traversal File Disclosure (Unauthenticated)EPSS 3.5%CVE-2024-10763CRITICALCampress <= 1.35 - Unauthenticated Local File InclusionEPSS 3.5%CVE-2019-10218MEDIUMA flaw was found in the samba client, all samba versions before samba 4.11.2, 4.10.10 and 4.9.15, where a malicious server can supply a pathEPSS 3.5%CVE-2020-13550HIGHA local file inclusion vulnerability exists in the installation functionality of Advantech WebAccess/SCADA 9.0.1. A specially crafted applicEPSS 3.5%CVE-2020-19678HIGHDirectory Traversal vulnerability found in Pfsense v.2.1.3 and Pfsense Suricata v.1.4.6 pkg v.1.0.1 allows a remote attacker to obtain sensiEPSS 3.5%CVE-2017-16591—This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of NetGain Systems Enterprise ManagEPSS 3.5%CVE-2017-16592—This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of NetGain Systems Enterprise ManagEPSS 3.5%CVE-2017-16595—This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of NetGain Systems Enterprise ManagEPSS 3.5%CVE-2017-16596—This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of NetGain Systems Enterprise ManagEPSS 3.5%CVE-2023-28458MEDIUMpretalx 2.3.1 before 2.3.2 allows path traversal in HTML export (a non-default feature). Organizers can trigger the overwriting (with the stEPSS 3.4%