Fallos del tipo CWE-22

4830 resultados
CVE-2026-6568MEDIUMkodcloud KodExplorer Public Share share.class.php initShareOld path traversalEPSS 0.5%CVE-2024-37501HIGHWordPress Advanced Classifieds & Directory Pro plugin <= 3.1.3 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2026-10108HIGHxiaomusic 0.5.7 Path Traversal via GET /music endpointEPSS 0.5%CVE-2024-25614MEDIUMThere is an arbitrary file deletion vulnerability in the CLI used by ArubaOS. Successful exploitation of this vulnerability results in the aEPSS 0.5%CVE-2025-58423HIGHAdvantech DeviceOn/iEdge Path TraversalEPSS 0.5%CVE-2026-8756MEDIUMfishaudio Bert-VITS2 Gradio webui_preprocess.py generate_config path traversalEPSS 0.5%CVE-2026-7404MEDIUMgetsimpletool mcpo-simple-server base_manager.py delete_shared_prompt path traversalEPSS 0.5%CVE-2024-44012HIGHWordPress WP Newsletter Subscription plugin <= 1.1 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-44017HIGHWordPress MH Board plugin <= 1.3.2.1 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-44015HIGHWordPress Users Control plugin <= 1.0.16 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-44016HIGHWordPress Podiant plugin <= 1.1 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-47916HIGHBoa web server - CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')EPSS 0.5%CVE-2024-44018HIGHWordPress Instant Chat WP plugin <= 1.0.5 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-44011HIGHWordPress WP Ticket Ultra plugin <= 1.0.5 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2025-13265MEDIUMlsfusion platform ZipUtils.java unpackFile path traversalEPSS 0.5%CVE-2024-44034HIGHWordPress WPSPX plugin <= 1.0.2 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-35781MEDIUMWordPress Word Balloon plugin <= 4.21.1 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-38704MEDIUMWordPress Team Manager plugin <= 2.1.12 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2023-3330Improper Limitation of a Pathname to a Restricted Directory vulnerability in NEC Corporation Aterm WG2600HP2, WG2600HP, WG2200HP, WG1800HP2,EPSS 0.5%CVE-2026-36726MEDIUMAn arbitrary file deletion vulnerability in the /api/delete-temp-license/{file} endpoint of bookcars v8.3 allows unauthenticated attackers tEPSS 0.5%