Weaknesses of type CWE-22
4,765 resultsCVE-2024-11239MEDIUMLandray EKP API Interface import.do deleteFile path traversalEPSS 1.5%CVE-2019-5447—A path traversal vulnerability in <= v0.2.6 of http-file-server npm module allows attackers to list files in arbitrary folders.EPSS 1.5%CVE-2019-5444—Path traversal vulnerability in version up to v1.1.3 in serve-here.js npm module allows attackers to list any file in arbitrary folder.EPSS 1.5%CVE-2025-45890CRITICALDirectory Traversal vulnerability in novel plus before v.5.1.0 allows a remote attacker to execute arbitrary code via the filePath parameterEPSS 1.5%CVE-2025-2292MEDIUMXorcom CompletePBX <= 5.2.35 Authenticated File DisclosureEPSS 1.5%CVE-2022-45867HIGHMyBB before 1.8.33 allows Directory Traversal. The Admin CP Languages module allows remote authenticated users, with high privileges, to achEPSS 1.5%CVE-2022-1518CRITICAL3.2.2 IMPROPER LIMITATION OF A PATHNAME TO A RESTRICTED DIRECTORY ('PATH TRAVERSAL') CWE-22EPSS 1.5%CVE-2024-34313CRITICALAn issue in VPL Jail System up to v4.0.2 allows attackers to execute a directory traversal via a crafted request to a public endpoint.EPSS 1.5%CVE-2016-10561—Bitty is a development web server tool that functions similar to `python -m SimpleHTTPServer`. Version 0.2.10 has a directory traversal vulnEPSS 1.5%CVE-2024-28698CRITICALDirectory Traversal vulnerability in Marimer LLC CSLA .Net before 8.0 allows a remote attacker to execute arbitrary code via a crafted scripEPSS 1.5%CVE-2022-39033CRITICALSmart eVision - Path Traversal -1EPSS 1.5%CVE-2022-39261HIGHTwig may load a template outside a configured directory when using the filesystem loaderEPSS 1.5%CVE-2022-26884MEDIUMApache DolphinScheduler exposes files without authenticationEPSS 1.5%CVE-2011-10010CRITICALQuickShare File Server 1.2.1 Path Traversal RCEEPSS 1.5%CVE-2019-5438—Path traversal using symlink in npm harp module versions <= 0.29.0.EPSS 1.5%CVE-2022-24843HIGHPath Traversal in github.com/flipped-aurora/gin-vue-adminEPSS 1.5%CVE-2022-0665MEDIUMPath Traversal in pimcore/pimcoreEPSS 1.5%CVE-2025-2941CRITICALDrag and Drop Multiple File Upload for WooCommerce <= 1.1.4 - Unauthenticated Arbitrary File MoveEPSS 1.5%CVE-2025-47273HIGHsetuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File WriteEPSS 1.5%CVE-2026-9778HIGHATEN Unizon ImportDeviceList Directory Traversal Remote Code Execution VulnerabilityEPSS 1.5%