Weaknesses of type CWE-35
170 resultsCVE-2025-30014HIGHDirectory Traversal vulnerability in SAP Capital Yield Tax ManagementEPSS 0.7%CVE-2025-32585HIGHWordPress Shop Products Filter Plugin <= 1.2 - Local File Inclusion vulnerabilityEPSS 0.7%CVE-2024-5481MEDIUMPhoto Gallery by 10Web – Mobile-Friendly Image Gallery <= 1.8.23 - Authenticated (Contributor+) Path Traversal via esc_dir FunctionEPSS 0.7%CVE-2024-27901HIGHDirectory Traversal vulnerability in SAP Asset AccountingEPSS 0.7%CVE-2024-54313MEDIUMWordPress FULL – Cliente plugin <= 3.1.25 - Local File Inclusion vulnerabilityEPSS 0.7%CVE-2024-38706MEDIUMWordPress HT Mega plugin <= 2.5.7 - JSON Path Traversal vulnerabilityEPSS 0.7%CVE-2025-59099HIGHUnauthenticated Path Traversal in dormakaba access managerEPSS 0.7%CVE-2025-26357MEDIUMA CWE-35 "Path Traversal" in maxtime/api/database/database.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticateEPSS 0.7%CVE-2022-2265HIGHPath traversal in Identity and Directory Management SystemEPSS 0.7%CVE-2022-3693HIGHPath traversal in FileOrbis File Management SystemEPSS 0.7%CVE-2026-20034HIGHCisco Unity Connection Remote Code Execution VulnerabilityEPSS 0.7%CVE-2024-50054HIGHmySCADA myPRO Path TraversalEPSS 0.7%CVE-2023-5800MEDIUMInsufficient input validation in VAPIX API create_overlay.cgiEPSS 0.7%CVE-2024-49770HIGHoak's path traversal allows transfer of hidden files within the served root directoryEPSS 0.7%CVE-2025-42937CRITICALDirectory Traversal vulnerability in SAP Print ServiceEPSS 0.7%CVE-2023-21417HIGHSandro Poppi, member of the AXIS OS Bug Bounty Program,
has found that the VAPIX API manageoverlayimage.cgi was vulnerable to path traversaEPSS 0.7%CVE-2023-21416HIGHSandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API dynamicoverlay.cgi was vulnerable to a Denial-of-ServicEPSS 0.7%CVE-2023-21418HIGHSandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API irissetup.cgi was vulnerable to path traversal attacks EPSS 0.7%CVE-2025-22786HIGHWordPress ElementInvader Addons for Elementor plugin <= 1.2.6 - Local File Inclusion vulnerabilityEPSS 0.7%CVE-2026-45661CRITICALDokploy: Remote Code Execution through Path TraversalEPSS 0.7%