Weaknesses of type CWE-22
4,746 resultsCVE-2022-3361MEDIUMUltimate Member – User Profile, User Registration, Login & Membership Plugin <= 2.5.0 - Authenticated (Contributor+) Directory Traversal via ShortcodesEPSS 2.5%CVE-2017-16605—This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.EPSS 2.5%CVE-2022-29511CRITICALA directory traversal vulnerability exists in the KnowledgebasePageActions.aspx ImportArticles functionality of Lansweeper lansweeper 10.1.1EPSS 2.5%CVE-2022-27657—A highly privileged remote attacker, can gain unauthorized access to display contents of restricted directories by exploiting insufficient vEPSS 2.5%CVE-2024-7034MEDIUMRemote Code Execution due to Arbitrary File Write in open-webui/open-webuiEPSS 2.5%CVE-2020-14490HIGHOpenClinic GAEPSS 2.5%CVE-2017-16600—This vulnerability allows remote attackers to overwrite files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 builEPSS 2.5%CVE-2021-39180HIGHPath Traversal in Archive Handling Leading to Code ExecutionEPSS 2.4%CVE-2024-39786CRITICALMultiple directory traversal vulnerabilities exist in the nas.cgi add_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially EPSS 2.4%CVE-2024-39787CRITICALMultiple directory traversal vulnerabilities exist in the nas.cgi add_dir() functionality of Wavlink AC3000 M33A8.V5030.210505. A specially EPSS 2.4%CVE-2018-3732—resolve-path node module before 1.4.0 suffers from a Path Traversal vulnerability due to lack of validation of paths with certain special chEPSS 2.4%CVE-2023-3961CRITICALSamba: smbd allows client access to unix domain sockets on the file system as rootEPSS 2.4%CVE-2026-9290HIGHWP User Manager <= 2.9.17 - Unauthenticated Path Traversal to Local File Inclusion via 'tab' Query ParameterEPSS 2.4%CVE-2021-21894CRITICALA directory traversal vulnerability exists in the Web Manager FsTFtp functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specEPSS 2.4%CVE-2023-51639CRITICALAllegra downloadExportedChart Directory Traversal Authentication Bypass VulnerabilityEPSS 2.4%CVE-2016-7063—A flaw was found in pritunl-client before version 1.0.1116.6. Arbitrary write to user specified path may lead to privilege escalation.EPSS 2.4%CVE-2023-42129MEDIUMA10 Thunder ADC ShowTechDownloadView Directory Traversal Information Disclosure VulnerabilityEPSS 2.4%CVE-2023-40493CRITICALLG Simple Editor copySessionFolder Directory Traversal Remote Code Execution VulnerabilityEPSS 2.4%CVE-2021-21880HIGHA directory traversal vulnerability exists in the Web Manager FsCopyFile functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-EPSS 2.4%CVE-2021-21885HIGHA directory traversal vulnerability exists in the Web Manager FsMove functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially crafEPSS 2.4%