Falhas do tipo CWE-22

4.856 resultados
CVE-2026-6487MEDIUMQihui jtbc5 CMS Code Endpoint manage.php path traversalEPSS 0.4%CVE-2025-7450MEDIUMletseeqiji gorobbs API user.go ResetUserAvatar path traversalEPSS 0.4%CVE-2025-6453MEDIUMdiyhi bbs API ForumManageAction.java add path traversalEPSS 0.4%CVE-2026-6590MEDIUMComfyUI Model Preview Endpoint model_manager.py get_model_preview path traversalEPSS 0.4%CVE-2024-26292HIGHAuthenticated Arbitrary File Deletion affecting Avid NEXISEPSS 0.4%CVE-2026-32496MEDIUMWordPress Spam Protect for Contact Form 7 plugin <= 1.2.9 - Arbitrary File Deletion vulnerabilityEPSS 0.4%CVE-2026-15326MEDIUMhalo-dev halo Theme Installation ThemeUtils.java ThemeUtils.unzipThemeTo path traversalEPSS 0.4%CVE-2026-32007HIGHOpenClaw < 2026.2.23 - Sandbox Bypass in apply_patch Tool via Workspace-Only Check BypassEPSS 0.4%CVE-2026-44440MEDIUMERPNext: Path Traversal Leading to Sensitive File ExposureEPSS 0.4%CVE-2026-30282CRITICALAn arbitrary file overwrite vulnerability in UXGROUP LLC Cast to TV Screen Mirroring v2.2.77 allows attackers to overwrite critical internalEPSS 0.4%CVE-2026-23942MEDIUMSFTP root escape via component-agnostic prefix check in ssh_sftpdEPSS 0.4%CVE-2024-46327MEDIUMAn issue in the Http_handle object of VONETS VAP11G-300 v3.3.23.6.9 allows attackers to access sensitive files via a directory traversal.EPSS 0.4%CVE-2022-4773LOWcloudsync LocalFilesystemConnector.java getItem path traversalEPSS 0.4%CVE-2025-4419MEDIUMHot Random Image <= 1.9.2 - Path Traversal to Authenticated (Contributor+) Limited Arbitrary Image Access via path ParameterEPSS 0.4%CVE-2026-22661HIGHprompts.chat Path Traversal via Skill File HandlingEPSS 0.4%CVE-2025-8385MEDIUMZombify <= 1.7.5 - Authenticated (Subscriber+) Path Traversal to Arbitrary File ReadEPSS 0.4%CVE-2025-65713MEDIUMHome Assistant Core before v2025.8.0 is vulnerable to Directory Traversal. The Downloader integration does not fully validate file paths durEPSS 0.4%CVE-2026-59221HIGHopen-webui terminal proxy path traversal guard bypass via 9x encoded traversalEPSS 0.4%CVE-2026-49061HIGHWordPress WPC Product Options for WooCommerce plugin <= 3.2.1 - Arbitrary File Download vulnerabilityEPSS 0.4%CVE-2025-11034MEDIUMDibo Data Decision Making System common_dep.action.jsp downloadImpTemplet path traversalEPSS 0.4%