Falhas do tipo CWE-22
4.837 resultadosCVE-2024-38715MEDIUMWordPress ExS Widgets plugin <= 0.3.1 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-13471HIGHDesignThemes Core Features <= 4.7 - Missing Authorization to Unauthenticated Arbitrary File Read via dt_process_imported_fileEPSS 0.5%CVE-2023-46988MEDIUMPath Traversal vulnerability in ONLYOFFICE Document Server before v8.0.1 allows a remote attacker to copy arbitrary files by manipulating thEPSS 0.5%CVE-2024-45709MEDIUMSolarWinds Web Help Desk Local File Read VulnerabilityEPSS 0.5%CVE-2024-38716MEDIUMWordPress Events Calendar for Google plugin <= 2.1.0 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2023-47679MEDIUMWordPress Qi Addons For Elementor plugin <= 1.6.3 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2026-41552CRITICALPath Traversal in PDF Export ModuleEPSS 0.5%CVE-2024-36267HIGHPath traversal vulnerability exists in Redmine DMSF Plugin versions prior to 3.1.4. If this vulnerability is exploited, a logged-in user mayEPSS 0.5%CVE-2024-11833HIGHArbitrary Directory Write via Runbooks Artifact UploadEPSS 0.5%CVE-2024-11834HIGHArbitrary File Write via PTRAC ImportEPSS 0.5%CVE-2026-2421MEDIUMilGhera Carta Docente for WooCommerce <= 1.5.0 - Authenticated (Administrator+) Path Traversal to Arbitrary File Deletion via 'cert' ParameterEPSS 0.5%CVE-2023-49788HIGHImproper handling of browser-side provided input in richdocuments path handlingEPSS 0.5%CVE-2024-39651HIGHWordPress WooCommerce PDF Vouchers plugin < 4.9.5 - Unauthenticated Arbitrary File Deletion vulnerabilityEPSS 0.5%CVE-2025-9217MEDIUMSlider Revolution <= 6.7.36 - Authenticated (Contributor+) Arbitrary File Read via 'used_svg' and 'used_images'EPSS 0.5%CVE-2026-49982HIGHtmp: Type-confusion bypass of _assertPath in tmp@0.2.6 allows path traversal via non-string prefix/postfix/templateEPSS 0.5%CVE-2025-27932HIGHImproper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in the file deletion process of the USB storage EPSS 0.5%CVE-2022-46492MEDIUMnbnbk commit 879858451d53261d10f77d4709aee2d01c72c301 was discovered to contain an arbitrary file read vulnerability via the component /api/EPSS 0.5%CVE-2026-39847CRITICALEmmett has a path traversal in internal assets handlerEPSS 0.5%CVE-2026-41612MEDIUMVisual Studio Code Information Disclosure VulnerabilityEPSS 0.5%CVE-2025-7641HIGHAssistant for NextGEN Gallery <= 1.0.9 - Unauthenticated Arbitrary Directory DeletionEPSS 0.5%