Fallos del tipo CWE-22
4856 resultadosCVE-2024-54489MEDIUMA path handling issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura EPSS 0.4%CVE-2025-63372MEDIUMArticentgroup Zip Rar Extractor Tool 1.345.93.0 is vulnerable to Directory Traversal. The vulnerability resides in the ZIP file processing cEPSS 0.4%CVE-2025-4868MEDIUMmerikbest ecommerce-spring-reactjs File Upload Endpoint admin path traversalEPSS 0.4%CVE-2026-29190MEDIUMKarapace: Path Traversal in Backup ReaderEPSS 0.4%CVE-2025-34238MEDIUMAdvantech WebAccess/VPN < 1.1.5 Path Traversal via AjaxStandaloneVpnClientsController.ajaxDownloadRoadWarriorConfigFileAction()EPSS 0.4%CVE-2026-59510HIGHAuthenticated Path Traversal in AIL Framework PDF Object Handling Enables Potential Arbitrary File ReadEPSS 0.4%CVE-2026-7024MEDIUMrawchen sims deleteFileServlet Endpoint DeleteFileServlet.java path traversalEPSS 0.4%CVE-2025-14420HIGHpdfforge PDF Architect CBZ File Parsing Directory Traversal Remote Code Execution VulnerabilityEPSS 0.4%CVE-2026-34604HIGH@tinacms/graphql's `FilesystemBridge` Path Validation Can Be Bypassed via Symlinks or JunctionsEPSS 0.4%CVE-2026-12211MEDIUMIntelbras iNVU 7016 FT Web syslog path traversalEPSS 0.4%CVE-2026-45556CRITICALRoxy-WI: Authenticated arbitrary file write on every managed load balancer (and downstream RCE) via WAF rule save `config_file_name`EPSS 0.4%CVE-2026-27522HIGHOpenClaw < 2026.2.24 - Arbitrary File Read via sendAttachment and setGroupIcon Message ActionsEPSS 0.4%CVE-2026-9145MEDIUMDatabase for Contact Form 7, WPforms, Elementor forms <= 1.5.1 - Unauthenticated Arbitrary File Copy/Upload via Elementor Pro Form Upload Field 'raw_value'EPSS 0.4%CVE-2026-10213MEDIUMAstrBotDevs AstrBot API Endpoint delete path traversalEPSS 0.4%CVE-2026-41383MEDIUMOpenClaw < 2026.4.2 - Arbitrary Remote Directory Deletion via Mis-scoped Mirror Mode PathsEPSS 0.4%CVE-2026-39844MEDIUMNiceGUI has a Path Traversal in NiceGUI Upload Filename on Windows via Backslash Bypass of PurePosixPath SanitizationEPSS 0.4%CVE-2025-69379HIGHWordPress Upload Files Anywhere plugin <= 2.8 - Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2026-31913HIGHWordPress Scape theme < 1.5.16 - Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2025-68907HIGHWordPress Hostme v2 theme <= 7.0 - Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2025-41396MEDIUMA path traversal issue exists in file uploading feature of multiple versions of PowerCMS. Arbitrary files may be overwritten by a product usEPSS 0.4%