Weaknesses of type CWE-22
4,809 resultsCVE-2025-58693MEDIUMAn improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiVoice 7.2.0 through 7.2.2, EPSS 0.6%CVE-2026-49297HIGHApache Airflow Google provider: Path traversal via GCS object names → local/SFTP filesystem (GCSToSFTPOperator + GCSTimeSpanFileTransformOperator)EPSS 0.6%CVE-2020-37077MEDIUMBooked Scheduler 2.7.7 - Authenticated Directory TraversalEPSS 0.6%CVE-2022-20725MEDIUMCisco IOx Application Hosting Environment VulnerabilitiesEPSS 0.6%CVE-2025-23422HIGHWordPress Store Locator plugin <= 3.98.10 - Local File Inclusion vulnerabilityEPSS 0.6%CVE-2026-14439CRITICALPath Traversal in Altium Git Service Allows Remote Code ExecutionEPSS 0.6%CVE-2024-20528LOWCisco Identity Services Engine Path Traversal VulnerabilityEPSS 0.6%CVE-2016-20076HIGHWordPress Simple-Backup 2.7.11 Arbitrary File Deletion and DownloadEPSS 0.6%CVE-2023-38399HIGHWordPress Phlox Portfolio plugin <= 2.3.1 - Unauthenticated Local File Inclusion vulnerabilityEPSS 0.6%CVE-2023-39163HIGHWordPress Phlox Shop plugin <= 2.0.0 - Unauthenticated Local File Inclusion vulnerabilityEPSS 0.6%CVE-2024-52444HIGHWordPress Opal Woo Custom Product Variation plugin <= 1.1.3 - Arbitrary File Deletion vulnerabilityEPSS 0.6%CVE-2023-49753HIGHWordPress Adifier System plugin < 3.1.4 - Local File Inclusion vulnerabilityEPSS 0.6%CVE-2025-6283MEDIUMxataio Xata Agent route.ts GET path traversalEPSS 0.6%CVE-2025-34517HIGHIlevia EVE X1 Server 4.7.18.0.eden Absolute Path TraversalEPSS 0.6%CVE-2021-24761—Error Log Viewer < 1.1.2 - Arbitrary Text File Deletion via CSRFEPSS 0.6%CVE-2026-0805HIGHImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Crafty ControllerEPSS 0.6%CVE-2025-52861HIGHVioStorEPSS 0.6%CVE-2025-9079HIGHAdmin RCE via prepackaged plugins by way of misconfigured imports directoryEPSS 0.6%CVE-2025-34518HIGHIlevia EVE X1 Server 4.7.18.0.eden Relative Path TraversalEPSS 0.6%CVE-2025-62853MEDIUMFile Station 5EPSS 0.6%