Weaknesses of type CWE-73
466 resultsCVE-2025-13380MEDIUMAI Engine for WordPress: ChatGPT, GPT Content Generator <= 1.0.1 - Authenticated (Contributor+) Arbitrary File ReadEPSS 0.5%CVE-2025-58158HIGHHarness Affected by Arbitrary File Write in Gitness LFS serverEPSS 0.5%CVE-2026-23898HIGHJoomla! Core - [20260305] - Arbitrary file deletion in com_joomlaupdateEPSS 0.5%CVE-2025-10494HIGHMotors – Car Dealership & Classified Listings Plugin <= 1.4.89 - Authenticated (Subscriber+) Arbitrary File DeletionEPSS 0.4%CVE-2024-33860MEDIUMAn issue was discovered in Logpoint before 7.4.0. It allows Local File Inclusion (LFI) when an arbitrary File Path is used within the File SEPSS 0.4%CVE-2026-33329HIGHFileRise: Path Traversal in `resumableIdentifier` Leading to Arbitrary File Write, Recursive Directory Deletion, and Limited Existence OracleEPSS 0.4%CVE-2026-35465HIGHSecureDrop Client has path injection in read_gzip_header_filename()EPSS 0.4%CVE-2025-49138MEDIUMHAX CMS vulnerable to Local File Inclusion via saveOutline API Location ParameterEPSS 0.4%CVE-2025-55746CRITICALDirectus allows unauthenticated file upload and file modification due to lacking input sanitizationEPSS 0.4%CVE-2026-26202HIGHPenpot has Arbitrary File Read via create-font-variant RPC endpointEPSS 0.4%CVE-2025-54162MEDIUMFile Station 5EPSS 0.4%CVE-2025-53912CRITICALAn arbitrary file read vulnerability exists in the encapsulatedDoc functionality of MedDream PACS Premium 7.3.6.870. A specially crafted HTTEPSS 0.4%CVE-2025-47956MEDIUMWindows Security App Spoofing VulnerabilityEPSS 0.4%CVE-2025-53363MEDIUMDpanel has an arbitrary file read vulnerabilityEPSS 0.4%CVE-2026-32749HIGHSiYuan importSY/importZipMd: Path Traversal via multipart filename enables arbitrary file writeEPSS 0.4%CVE-2024-51961HIGHLocal file inclusion (LFI) vulnerability in ArcGIS ServerEPSS 0.4%CVE-2026-33645HIGHFireshare has Path Traversal Arbitrary File Write in `/api/uploadChunked`EPSS 0.4%CVE-2024-9275MEDIUMjeanmarc77 123solar admin_invt2.php file inclusionEPSS 0.4%CVE-2025-12654LOWMigration, Backup, Staging – WPvivid Backup & Migration <= 0.9.120 - Authenticated (Admin+) Arbitrary Directory CreationEPSS 0.4%CVE-2025-64714MEDIUMPrivateBin's template-switching feature allows arbitrary local file inclusion through path traversalEPSS 0.4%