CWE-23 vulnerabilities

424 results
CVE-2023-23784 [MEDIUM] A relative path traversal in Fortinet FortiWeb version 7.0.0 through 7.0.2, FortiWeb version 6.3.6 through 6.3.20, FortiWeb 6.4 all versions (EPSS 0.6%)
CVE-2024-13130 [MEDIUM] Dahua IPC-HFW1200S Web Interface Sha1Account1 path traversal (EPSS 0.6%)
CVE-2024-6433 [HIGH] Local File Inclusion in stitionai/devika (EPSS 0.6%)
CVE-2025-62552 [HIGH] Microsoft Access Remote Code Execution Vulnerability (EPSS 0.6%)
CVE-2024-54449 [HIGH] Remote Code Execution (RCE) via Arbitrary File Write In Document API (EPSS 0.6%)
CVE-2024-34712 [MEDIUM] Oceanic allows unsanitized user input to lead to path traversal in URLs (EPSS 0.6%)
CVE-2024-6583 [MEDIUM] Path Traversal in stangirard/quivr (EPSS 0.5%)
CVE-2025-3365 [CRITICAL] Relative Path Traversal in OnlineSuite (EPSS 0.5%)
CVE-2024-50453 [HIGH] WordPress The Pack Elementor addons plugin <= 2.0.9 - Local File Inclusion vulnerability (EPSS 0.5%)
CVE-2025-7146 [HIGH] Jhenggao iPublish System - Arbitrary File Reading through Path Traversal (EPSS 0.5%)
CVE-2025-67366 [HIGH] @sylphxltd/filesystem-mcp v0.5.8 is an MCP server that provides file content reading functionality. Version 0.5.8 of filesystem-mcp contains (EPSS 0.5%)
CVE-2025-9639 [HIGH] Ai3|QbiCRMGateway - Arbitrary File Reading through Path Traversal (EPSS 0.5%)
CVE-2024-45731 [HIGH] Potential Remote Command Execution (RCE) through arbitrary file write to Windows system root directory when Splunk Enterprise for Windows is installed on a separate disk (EPSS 0.5%)
CVE-2023-40714 [CRITICAL] A relative path traversal in Fortinet FortiSIEM versions 7.0.0, 6.7.0 through 6.7.2, 6.6.0 through 6.6.3, 6.5.1, 6.5.0 allows attacker to es (EPSS 0.5%)
CVE-2025-2056 [HIGH] WP Ghost <= 5.4.01 - Unauthenticated Limited File Read (EPSS 0.5%)
CVE-2022-34836 [MEDIUM] ABB Ability TM Operations Data Management Zenon Zenon Log Server file access control (EPSS 0.5%)
CVE-2026-27202 [HIGH] GetSimple CMS: Uploaded Files (feature) Arbitrary File Read Vulnerability (EPSS 0.5%)
CVE-2025-48977 [HIGH] Apache Ignite: REST HTTP arbitrary file read vulnerability (EPSS 0.5%)
CVE-2024-47948 [MEDIUM] In JetBrains TeamCity before 2024.07.3 path traversal leading to information disclosure was possible via server backups (EPSS 0.5%)
CVE-2023-30630 [HIGH] Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode vi (EPSS 0.5%)