Falhas do tipo CWE-22
4.836 resultadosCVE-2024-8291MEDIUMConcrete CMS Stored XSS in Image Editor Background ColorEPSS 0.5%CVE-2025-65814MEDIUMA lack of security checks in the file import process of RHOPHI Analytics LLP Office App-Edit Word v6.4.1 allows attackers to execute a direcEPSS 0.5%CVE-2025-65815MEDIUMA lack of security checks in the file import process of AB TECHNOLOGY Document Reader: PDF, DOC, PPT v65.0 allows attackers to execute a dirEPSS 0.5%CVE-2026-6615MEDIUMTransformerOptimus SuperAGI Multipart Upload resources.py upload path traversalEPSS 0.5%CVE-2024-55516CRITICALA vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 v3.90. The component affected by this issue is /upload_sysconfEPSS 0.5%CVE-2024-55513CRITICALA vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component affected by this issue is /upload_netactioEPSS 0.5%CVE-2026-57571CRITICALCrawl4AI arbitrary file write via download filename path traversalEPSS 0.5%CVE-2025-30596MEDIUMWordPress include-file plugin <= 1 - Arbitrary File Download VulnerabilityEPSS 0.5%CVE-2026-33528MEDIUMGoDoxy has a Path Traversal Vulnerability in its File APIEPSS 0.5%CVE-2026-22249HIGHDocmost affected by an Arbitrary File Write via Zip Import Feature (ZipSlip)EPSS 0.5%CVE-2025-53110HIGHModel Context Protocol Servers Vulnerable to Path Validation Bypass via Colliding Path PrefixEPSS 0.5%CVE-2024-55970HIGHFile Manager in Syncfusion Essential Studio for ASP.NET MVC before 27.1.55 has a traversal issue that is related to the request parameter, aEPSS 0.5%CVE-2025-31800MEDIUMWordPress Publitio plugin <= 2.2.0 - Arbitrary File Read vulnerabilityEPSS 0.5%CVE-2026-25525MEDIUMOpenMage LTS has Path Traversal Filter Bypass in Dataflow ModuleEPSS 0.5%CVE-2026-8442HIGHWP Review Slider Pro <= 12.6.8 - Authenticated (Subscriber+) Arbitrary File Deletion via 'myaction' ParameterEPSS 0.5%CVE-2024-55401MEDIUMAn issue in 4C Strategies Exonaut before v22.4 allows attackers to execute a directory traversal.EPSS 0.5%CVE-2024-39688MEDIUMfishaudio/Bert-VITS2 Limited File Write in webui_preprocess.py generate_config functionEPSS 0.5%CVE-2024-9575HIGHLocal File Inclusion in pretix-widget WordPress pluginEPSS 0.5%CVE-2024-41726HIGHPath traversal vulnerability exists in SKYSEA Client View Ver.3.013.00 to Ver.19.210.04e. If this vulnerability is exploited, an arbitrary eEPSS 0.5%CVE-2018-3770—A path traversal exists in markdown-pdf version <9.0.0 that allows a user to insert a malicious html code that can result in reading the locEPSS 0.5%