Weaknesses of type CWE-22
4,786 resultsCVE-2024-4347HIGHWP Fastest Cache <= 1.2.6 - Authenticated (Administrator+) Arbitrary File DeletionEPSS 0.9%CVE-2024-1485HIGHRegistry-support: decompress can delete files outside scope via relative pathsEPSS 0.9%CVE-2023-25688MEDIUMIBM Security Key Lifecycle Manager information disclosureEPSS 0.9%CVE-2023-31477HIGHA path traversal issue was discovered on GL.iNet devices before 3.216. Through the file sharing feature, it is possible to share an arbitrarEPSS 0.9%CVE-2024-28151MEDIUMJenkins HTML Publisher Plugin 1.32 and earlier archives invalid symbolic links in report directories on agents and recreates them on the conEPSS 0.9%CVE-2023-42232HIGHPat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via the Navigator/Index function.EPSS 0.9%CVE-2026-22786HIGHGin-vue-admin has arbitrary file upload vulnerability caused by path traversalEPSS 0.9%CVE-2017-20105MEDIUMSimplessus path traversalEPSS 0.9%CVE-2022-45290CRITICALKbase Doc v1.0 was discovered to contain an arbitrary file deletion vulnerability via the component /web/IndexController.java.EPSS 0.9%CVE-2023-5607HIGH
An improper limitation of a path name to a restricted directory (path traversal) vulnerability in the TACC ePO extension, for on-premises eEPSS 0.9%CVE-2022-45368HIGHWordPress 1003 Mortgage Application plugin <= 1.75 - Local File InclusionEPSS 0.9%CVE-2023-26758HIGHSme.UP TOKYO V6R1M220406 was discovered to contain an arbitrary file download vulnerabilty via the component /ResourceService.EPSS 0.9%CVE-2022-46835HIGHSailPoint IdentityIQ JavaServer File Path Traversal VulnerabilityEPSS 0.9%CVE-2022-42188HIGHIn Lavalite 9.0.0, the XSRF-TOKEN cookie is vulnerable to path traversal attacks, enabling read access to arbitrary files on the server.EPSS 0.9%CVE-2024-13910HIGHDatabase Backup and check Tables Automated With Scheduler 2024 <= 2.36 - Authenticated (Administrator+) Arbitrary File DeletionEPSS 0.9%CVE-2024-47253HIGHIn 2N Access Commander versions 3.1.1.2 and prior, a Path Traversal vulnerability could allow an attacker with administrative privileges to EPSS 0.9%CVE-2018-25312HIGHLifeSize ClearSea 3.1.4 Directory Traversal Remote Code ExecutionEPSS 0.9%CVE-2024-5179HIGHCowidgets – Elementor Addons <= 1.1.2 - Authenticated (Contributor+) Local File InclusionEPSS 0.9%CVE-2024-46977MEDIUMOpenC3 COSMOS allows a path traversal via screen controller (`GHSL-2024-127`)EPSS 0.9%CVE-2024-7926MEDIUMZZCMS about_edit.php path traversalEPSS 0.9%