Fallos del tipo CWE-22

4806 resultados
CVE-2024-10830HIGHPath Traversal in eosphoros-ai/db-gptEPSS 0.7%CVE-2025-1310MEDIUMJobs for WordPress <= 2.7.11 - Authenticated (Subscriber+) Arbitrary File ReadEPSS 0.7%CVE-2024-51127CRITICALAn issue in the createTempFile method of hornetq v2.4.9 allows attackers to arbitrarily overwrite files or access sensitive information.EPSS 0.7%CVE-2024-3934MEDIUMMercado Pago payments for WooCommerce 7.3.0 - 7.6.1 - Authenticated (Subscriber+) Arbitrary File DownloadEPSS 0.7%CVE-2024-34315HIGHCmsEasy v7.7.7.9 was discovered to contain a local file inclusion vunerability via the file_get_contents function in the fckedit_action methEPSS 0.7%CVE-2024-52481HIGHWordPress Jobify theme < 4.3.0 - Unauthenticated Arbitrary File Read vulnerabilityEPSS 0.7%CVE-2026-30976HIGHSonarr Path Traversal vulnerabilityEPSS 0.7%CVE-2022-4031LOWSimple:Press <= 6.8 - Authenticated (Admin+) Path Traversal to Arbitrary File ModificationEPSS 0.7%CVE-2025-7628MEDIUMYiJiuSmile kkFileViewOfficeEdit deleteFile path traversalEPSS 0.7%CVE-2024-10707MEDIUMLocal File Inclusion in gaizhenbiao/chuanhuchatgptEPSS 0.7%CVE-2024-35162MEDIUMPath traversal vulnerability exists in Download Plugins and Themes from Dashboard versions prior to 1.8.6. If this vulnerability is exploiteEPSS 0.7%CVE-2025-25243HIGHPath traversal vulnerability in SAP Supplier Relationship Management (Master Data Management Catalog)EPSS 0.7%CVE-2025-26534HIGHWordPress Helloprint Plugin <= 2.0.7 - Arbitrary File Deletion vulnerabilityEPSS 0.7%CVE-2025-26540HIGHWordPress Helloprint Plugin <= 2.0.7 - Arbitrary File Deletion vulnerabilityEPSS 0.7%CVE-2025-54387MEDIUMIPX is Vulnerable to Path Traversal via Prefix Matching BypassEPSS 0.7%CVE-2022-45921HIGHFusionAuth before 1.41.3 allows a file outside of the application root to be viewed or retrieved using an HTTP request. To be specific, an aEPSS 0.7%CVE-2024-45175HIGHAn issue was discovered in za-internet C-MOR Video Surveillance 5.2401. Sensitive information is stored in cleartext. It was found out that EPSS 0.7%CVE-2024-24311HIGHPath Traversal vulnerability in Linea Grafica "Multilingual and Multistore Sitemap Pro - SEO" (lgsitemaps) module for PrestaShop before versEPSS 0.7%CVE-2024-32024MEDIUMKohya_ss vulenrable to path injection in `common_gui.py` `add_pre_postfix` function (`GHSL-2024-023`)EPSS 0.7%CVE-2024-41704CRITICALLibreChat through 0.7.4-rc1 does not validate the normalized pathnames of images.EPSS 0.7%