Fallos del tipo CWE-22

4805 resultados
CVE-2025-12824HIGHPlayer Leaderboard 1.0.0 - 1.0.2 - Authenticated (Contributor+) Local File InclusionEPSS 0.7%CVE-2024-56509HIGHchangedetection.io has Improper Input Validation Leading to LFR/Path TraversalEPSS 0.7%CVE-2026-8023HIGHPath traversal in Zephyr HTTP server static-filesystem resource handler allows unauthenticated remote arbitrary file readEPSS 0.7%CVE-2025-56869MEDIUMDirectory traversal vulnerability in Sync In server thru 1.1.1 allowing authenticated attackers to gain read and write access to the system EPSS 0.7%CVE-2026-6024MEDIUMTenda i6 HTTP R7WebsSecurityHandlerfunction path traversalEPSS 0.7%CVE-2026-5710HIGHDrag and Drop Multiple File Upload for Contact Form 7 <= 1.3.9.6 - Unauthenticated Limited Arbitrary File Read via mfile FieldEPSS 0.7%CVE-2026-49119HIGHGradio < 6.16.0 Path Traversal via FileExplorer.preprocess()EPSS 0.7%CVE-2025-0365MEDIUMJupiterx Core <= 4.8.7 - Authenticated (Contributor+) Arbitrary File ReadEPSS 0.7%CVE-2024-44195HIGHA logic issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.1. An app may be able to read arbitrary files.EPSS 0.7%CVE-2026-32846HIGHOpenClaw < 2026.3.28 Media Parsing Path Traversal to Arbitrary File ReadEPSS 0.7%CVE-2025-2158HIGHWordPress Review Plugin: The Ultimate Solution for Building a Review Website <= 5.3.5 - Authenticated (Contributor+) Local File Inclusion via Post Custom FieldsEPSS 0.7%CVE-2024-7744MEDIUMImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Progress WS_FTP ServerEPSS 0.7%CVE-2026-33292HIGHAVideo has Authorization Bypass via Path Traversal in HLS Endpoint Allows Streaming Private/Paid VideosEPSS 0.7%CVE-2024-47164LOWThe `is_in_or_equal` function may be bypassed in GradioEPSS 0.7%CVE-2025-23343HIGHThe NVIDIA NVDebug tool contains a vulnerability that may allow an actor to write files to restricted components. A successful exploit of thEPSS 0.7%CVE-2025-67171HIGHIncorrect access control in the /templates/ component of RiteCMS v3.1.0 allows attackers to access sensitive files via directory traversal.EPSS 0.7%CVE-2026-56078HIGHPraisonAI - Arbitrary File Read and Write via Path Traversal in MultiAgentMonitorEPSS 0.7%CVE-2026-36500CRITICALAn issue in the cluster-admin:backup-datastore component of Controller v12.0.5 allows attackers to execute a directory traversal via a craftEPSS 0.7%CVE-2026-3289MEDIUMSanluan PublicCMS Template Cache Generation TemplateCacheComponent.java saveMetadata path traversalEPSS 0.7%CVE-2023-23700HIGHWordPress OceanWP theme <= 3.4.1 - Authenticated Local File Inclusion vulnerabilityEPSS 0.7%