Weaknesses of type CWE-73
466 resultsCVE-2025-1972LOWExport and Import Users and Customers <= 2.6.2 - Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Deletion via admin_log_page FunctionEPSS 0.4%CVE-2026-35078HIGHArbitrary file delete vulnerability in method ugw-logstopEPSS 0.4%CVE-2026-35080HIGHArbitrary file delete vulnerability in method ugw-restoreinfoEPSS 0.4%CVE-2026-35076HIGHArbitrary file delete vulnerability in method bac-scanresultEPSS 0.4%CVE-2026-35079HIGHArbitrary file delete vulnerability in method ugw-restoreEPSS 0.4%CVE-2025-35053MEDIUMNewforma Info Exchange (NIX) arbitrary file read and deleteEPSS 0.4%CVE-2026-35077HIGHArbitrary file delete vulnerability in method ugw-delete-fileEPSS 0.4%CVE-2025-36506MEDIUMExternal control of file name or path issue exists in RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.242.0. If an attacker sends a speEPSS 0.4%CVE-2024-6937MEDIUMformtools.org Form Tools Import Option List edit.php curl_exec file inclusionEPSS 0.4%CVE-2023-21566HIGHVisual Studio Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2025-26684MEDIUMMicrosoft Defender Elevation of Privilege VulnerabilityEPSS 0.4%CVE-2024-47265MEDIUMImproper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in encrypted share umount functionality in SynoEPSS 0.4%CVE-2025-53769MEDIUMWindows Security App Spoofing VulnerabilityEPSS 0.4%CVE-2026-28459HIGHOpenClaw < 2026.2.12 - Arbitrary File Write via Untrusted sessionFile PathEPSS 0.4%CVE-2024-21545HIGHProxmox Virtual Environment is an open-source server management platform for enterprise virtualization. Insufficient safeguards against maliEPSS 0.4%CVE-2025-29930MEDIUMimFAQ allows local file inclusion in seo.phpEPSS 0.4%CVE-2025-62611HIGHaiomysql allows arbitrary access to client files through vulnerability of a malicious MySQL serverEPSS 0.4%CVE-2026-43891HIGHchangedetection.io: Arbitrary Local File Read via crafted backup restoreEPSS 0.4%CVE-2025-52465HIGHGeoServer has an arbitrary file write vulnerability in its Master Password Dump PageEPSS 0.4%CVE-2025-6237CRITICALPath Traversal and Arbitrary File Deletion in invoke-ai/invokeaiEPSS 0.4%