Weaknesses of type CWE-22
4,805 resultsCVE-2024-54380HIGHWordPress WP Cookies Enabler plugin <= 1.0.1 - Local File Inclusion vulnerabilityEPSS 0.7%CVE-2024-44720HIGHSeaCMS v13.1 was discovered to an arbitrary file read vulnerability via the component admin_safe.php.EPSS 0.7%CVE-2024-54375HIGHWordPress Woolook plugin <= 1.7.0 - Local File Inclusion vulnerabilityEPSS 0.7%CVE-2025-55282CRITICALaiven-db-migrate allows Privilege Escalation via unrestricted search_path during migrationEPSS 0.7%CVE-2024-4297MEDIUMHGiga iSherlock - Arbitrary File DownloadEPSS 0.7%CVE-2023-25914HIGHAuthneticated Path Traversal in Danfoss AK-SM800AEPSS 0.7%CVE-2026-46402HIGHMicrosoft UFO uses untrusted task_name in log paths, allowing authenticated path traversal and log file creation outside the logs directoryEPSS 0.7%CVE-2024-4296MEDIUMHGiga iSherlock - Arbitrary File DownloadEPSS 0.7%CVE-2023-2909HIGHA Directory traversal vulnerability was found on EZ Sync service of ADMEPSS 0.7%CVE-2023-5938HIGHPath traversal via 'zip slip' in Arc before v1.6.0EPSS 0.7%CVE-2025-3043MEDIUMGuoMinJim PersonManage login preHandle path traversalEPSS 0.7%CVE-2024-2023MEDIUMFolders <= 3.0 and Folders Pro <= 3.0.2 - Directory Traversal via handle_folders_file_uploadEPSS 0.7%CVE-2023-48299MEDIUMTorchServe ZipSlipEPSS 0.7%CVE-2024-8585MEDIUMLEARNING DIGITAL Orca HCM - Arbitrary File DownloadEPSS 0.7%CVE-2025-66449HIGHConvertX has Path Traversal that leads to Arbitrary File Write and Arbitrary Code ExecutionEPSS 0.7%CVE-2024-43011MEDIUMAn arbitrary file deletion vulnerability exists in the admin/del.php file at line 62 in ZZCMS 2023 and earlier. Due to insufficient validatiEPSS 0.7%CVE-2024-51751MEDIUMArbitrary file read with File and UploadButton components in GradioEPSS 0.7%CVE-2026-25965HIGHImageMagick's policy bypass through path traversal allows reading restricted content despite secured policyEPSS 0.7%CVE-2026-7311HIGHTinyPNG <= 3.6.13 - Authenticated (Author+) Arbitrary File Deletion via 'convert.path' in 'tiny_compress_images' Post MetaEPSS 0.7%CVE-2024-51127CRITICALAn issue in the createTempFile method of hornetq v2.4.9 allows attackers to arbitrarily overwrite files or access sensitive information.EPSS 0.7%