Weaknesses of type CWE-22

4,771 results
CVE-2023-44256MEDIUMA server-side request forgery vulnerability [CWE-918] in Fortinet FortiAnalyzer version 7.4.0, version 7.2.0 through 7.2.3 and before 7.0.8 EPSS 1.2%CVE-2026-22739HIGHSpring Cloud Config Profile Substitution Can Allow Unintended Access To Files And Enable SSRF AttacksEPSS 1.2%CVE-2021-37500HIGHDirectory traversal vulnerability in Reprise License Manager (RLM) web interface before 14.2BL4 in the diagnostics function that allows RLM EPSS 1.2%CVE-2017-0930augustine node module suffers from a Path Traversal vulnerability due to lack of validation of url, which allows a malicious user to read coEPSS 1.2%CVE-2025-58321CRITICALDIALink - Directory Traversal Authentication Bypass VulnerabilityEPSS 1.2%CVE-2026-25951HIGHFUXA has a Path Traversal Sanitization BypassEPSS 1.2%CVE-2023-3172MEDIUMPath Traversal in froxlor/froxlorEPSS 1.2%CVE-2024-54374HIGHWordPress Sogrid plugin <= 1.5.6 - Local File Inclusion vulnerabilityEPSS 1.2%CVE-2021-33555HIGHA vulnerability may allow remote attackers to read arbitrary files on the server of the WirelessHART-GatewayEPSS 1.2%CVE-2024-1974HIGHHT Mega – Absolute Addons For Elementor <= 2.4.5 - Authenticated (Contributor+) Directory TraversalEPSS 1.2%CVE-2025-34120HIGHLimeSurvey 2.0+ - 2.06+ Unauthenticated Arbitrary File Download via Serialized Backup PayloadEPSS 1.2%CVE-2019-17324ClipSoft REXPERT 1.0.0.527 and earlier version allows directory traversal by issuing a special HTTP POST request with ../ characters. This cEPSS 1.2%CVE-2025-47492HIGHWordPress Drag and Drop File Upload for Elementor Forms plugin <= 1.4.3 - Arbitrary File Deletion VulnerabilityEPSS 1.2%CVE-2024-42469CRITICALCometVisu Backend for openHAB affected by RCE through path traversalEPSS 1.2%CVE-2024-8524HIGHDirectory Traversal in modelscope/agentscopeEPSS 1.2%CVE-2020-36321MEDIUMDirectory traversal in development mode handler in Vaadin 14 and 15-17EPSS 1.2%CVE-2023-34865CRITICALDirectory traversal vulnerability in ujcms 6.0.2 allows attackers to move files via the rename feature.EPSS 1.2%CVE-2024-41799HIGHtgstation-server's DreamMaker environment files outside the deployment directory can be compiled and ran by insufficiently permissioned usersEPSS 1.2%CVE-2018-25113HIGHDicoogle PACS Web Server 2.5.0 Unauthenticated Path TraversalEPSS 1.2%CVE-2023-25803HIGHRoxy-WI is a Web interface for managing Haproxy, Nginx, Apache, and Keepalived servers. Versions prior to 6.3.5.0 have a directory traversalEPSS 1.2%