Fallos del tipo CWE-22

4856 resultados
CVE-2025-14293MEDIUMWP Job Portal <= 2.4.0 - Authenticated (Subscriber+) Arbitrary File ReadEPSS 0.3%CVE-2026-8811HIGHPath traversal in PDF generation moduleEPSS 0.3%CVE-2026-35484MEDIUMtext-generation-webui has a Path Traversal in load_preset() — .yaml file read without authenticationEPSS 0.3%CVE-2025-68002MEDIUMWordPress Open User Map plugin <= 1.4.16 - Arbitrary File Download vulnerabilityEPSS 0.3%CVE-2026-44647HIGHOneDev: Path Traversal (read capability via Git LFS pointer resolution)EPSS 0.3%CVE-2026-54394MEDIUMMISP organisation logo path traversal allows retrieval of arbitrary PNG/SVG filesEPSS 0.3%CVE-2021-29088HIGHImproper limitation of a pathname to a restricted directory ('Path Traversal') in cgi component in Synology DiskStation Manager (DSM) beforeEPSS 0.3%CVE-2026-42564HIGHjotty·page: Unauthenticated Path Traversal leads to sensitive file disclosure and session-token reuse impactEPSS 0.3%CVE-2026-0604MEDIUMFastDup <= 2.7 - Authenticated (Contributor+) Path Traversal via 'dir_path' REST ParameterEPSS 0.3%CVE-2026-54591HIGHAsyncSSH: SCP Path Traversal to Arbitrary File WriteEPSS 0.3%CVE-2026-41412MEDIUMalf.io vulnerable to Arbitrary File Read and Exfil via simpleHttpClient Extension ScriptEPSS 0.3%CVE-2026-5203MEDIUMCMS Made Simple UserGuide Module XML Import class.UserGuideImporterExporter.php _copyFilesToFolder path traversalEPSS 0.3%CVE-2026-59832HIGHSiYuan: Authenticated path traversal in /snippets/ static handler (serveSnippets) leaks conf/conf.json secrets and siyuan.dbEPSS 0.3%CVE-2026-45569HIGHRoxy-WI: Path-traversal patch in commit d4d10006 is a no-op (tuple-membership bug)EPSS 0.3%CVE-2024-6971LOWPath Traversal in parisneo/lollms-webuiEPSS 0.3%CVE-2025-58355HIGHSoft Serve is vulnerable to arbitrary file writing through its SSH APIEPSS 0.3%CVE-2026-42028MEDIUMnovaGallery: Unauthenticated Path Traversal in Album and Cached Image Routes Allows Reading Images Outside Gallery RootEPSS 0.3%CVE-2026-2500MEDIUMQuick Playground <= 1.3.4 - Authenticated (Administrator+) Arbitrary File Read via 'filename' ParameterEPSS 0.3%CVE-2026-4619MEDIUMPath Traversal vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to wtite over any file via network.EPSS 0.3%CVE-2026-39307HIGHPraisonAI has an Arbitrary File Write (Zip Slip) in Templates ExtractionEPSS 0.3%