Weaknesses of type CWE-22
4,783 resultsCVE-2020-24855MEDIUMDirectory Traversal vulnerability in easywebpack-cli before 4.5.2 allows attackers to obtain sensitive information via crafted GET request.EPSS 1.0%CVE-2024-7777CRITICALContact Form by Bit Form: Multi Step Form, Calculation Contact Form, Payment Contact Form & Custom Contact Form builder 2.0 - 2.13.9 - Authenticated (Administrator+) Arbitrary File Read And DeletionEPSS 1.0%CVE-2024-37037HIGHCWE-22: Improper Limitation of a Pathname to a Restricted Directory (‘Path
Traversal’) vulnerability exists that could allow an authenticateEPSS 1.0%CVE-2019-25097MEDIUMsoerennb eXtplorer Directory Content path traversalEPSS 1.0%CVE-2024-4315CRITICALLFI Vulnerability due to Lack of Path Sanitization in parisneo/lollmsEPSS 1.0%CVE-2024-11123MEDIUM上海灵当信息科技有限公司 Lingdang CRM pdf.php path traversalEPSS 1.0%CVE-2024-27145CRITICALMultiple Post-authenticated Remote Code ExecutionEPSS 1.0%CVE-2025-0493CRITICALMultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution <= 4.2.14 - Unauthenticated Limited Local File InclusionEPSS 1.0%CVE-2022-45894MEDIUMGetFile.aspx in Planet eStream before 6.72.10.07 allows ..\ directory traversal to read arbitrary local files.EPSS 1.0%CVE-2022-27615HIGHImproper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in cgi component in Synology DNS Server before EPSS 1.0%CVE-2023-30265MEDIUMCLTPHP <=6.0 is vulnerable to Directory Traversal.EPSS 1.0%CVE-2018-25048HIGHCodesys Runtime Improper Limitation of a PathnameEPSS 1.0%CVE-2026-5478HIGHEverest Forms <= 3.4.4 - Unauthenticated Arbitrary File Read and Deletion via Upload Field 'old_files' ParameterEPSS 1.0%CVE-2021-25020—CAOS < 4.1.9 - Admin+ Arbitrary Folder Deletion via Path TraversalEPSS 1.0%CVE-2024-5548HIGHDirectory Traversal in stitionai/devikaEPSS 1.0%CVE-2021-25021—OMGF < 4.5.12 - Admin+ Arbitrary Folder Deletion via Path TraversalEPSS 1.0%CVE-2024-5709HIGHWPBakery <= 7.7 - Authenticated (Author+) Local File InclusionEPSS 1.0%CVE-2026-48282CRITICALColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)EPSS 1.0%CVE-2024-50508HIGHWordPress Woocommerce Product Design plugin <= 1.0.0 - Arbitrary File Download vulnerabilityEPSS 1.0%CVE-2024-25006HIGHXenForo before 2.2.14 allows Directory Traversal (with write access) by an authenticated user who has permissions to administer styles, and EPSS 1.0%