Weaknesses of type CWE-22

4,761 results
CVE-2018-3724general-file-server node module suffers from a Path Traversal vulnerability due to lack of validation of currpath, which allows a malicious EPSS 1.8%CVE-2021-24638OMGF < 4.5.4 - Unauthenticated Path Traversal in REST APIEPSS 1.8%CVE-2022-22931Path traversal in Apache James 3.6.1EPSS 1.8%CVE-2024-53586MEDIUMAn issue in the relPath parameter of WebFileSys version 2.31.0 allows attackers to perform directory traversal via a crafted HTTP request. BEPSS 1.8%CVE-2020-35460MEDIUMcommon/InputStreamHelper.java in Packwood MPXJ before 8.3.5 allows directory traversal in the zip stream handler flow, leading to the writinEPSS 1.8%CVE-2024-27984HIGHA Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to delete specific tEPSS 1.8%CVE-2017-16153gaoxuyan is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.EPSS 1.8%CVE-2024-25386HIGHDirectory Traversal vulnerability in DICOM® Connectivity Framework by laurelbridge before v.2.7.6b allows a remote attacker to execute arbitEPSS 1.7%CVE-2017-14804CRITICALpackage builds could use directory traversal to write outside of target areaEPSS 1.7%CVE-2021-32527HIGHQSAN Storage Manager - Path Traversal-2EPSS 1.7%CVE-2021-36471CRITICALDirectory Traversal vulnerability in AdminLTE 3.1.0 allows remote attackers to gain escalated privilege and view sensitive information via /EPSS 1.7%CVE-2021-43800HIGHAsset directory traversal with some storage modules on WindowsEPSS 1.7%CVE-2023-2688MEDIUMWordPress File Upload / WordPress File Upload Pro <= 4.19.1 - Authenticated (Administrator+) Path TraversalEPSS 1.7%CVE-2022-39040HIGHaEnrich a+HRD - Path TraversalEPSS 1.7%CVE-2021-32769HIGHImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in micronaut-coreEPSS 1.7%CVE-2019-3556HHVM supports the use of an "admin" server which accepts administrative requests over HTTP. One of those request handlers, dump-pcre-cache, EPSS 1.7%CVE-2026-1557HIGHWP Responsive Images <= 1.0 - Unauthenticated Path Traversal to Arbitrary File Read via srcEPSS 1.7%CVE-2025-67254HIGHNagiosXI 2026R1.0.1 build 1762361101 is vulnerable to Directory Traversal in /admin/coreconfigsnapshots.php.EPSS 1.7%CVE-2026-25055HIGHn8n Arbitrary File Write on Remote Systems via SSH NodeEPSS 1.7%CVE-2025-13801HIGHYoco Payments <= 3.9.0 - Unauthenticated Arbitrary File ReadEPSS 1.7%