Weaknesses of type CWE-22

4,821 results
CVE-2023-35069HIGHPath Traversal in BullwarkEPSS 0.6%CVE-2026-9559CRITICALA path traversal vulnerability exists in the campaign import feature of Mautic 7. When extracting uploaded ZIP files during campaign importsEPSS 0.6%CVE-2024-32830HIGHWordPress buddyforms plugin <= 2.8.8- Arbitrary File Read and SSRF vulnerabilityEPSS 0.6%CVE-2024-43140HIGHWordPress Ultimate Bootstrap Elements for Elementor plugin <= 1.4.4 - Local File Inclusion vulnerabilityEPSS 0.6%CVE-2024-50843MEDIUMA Directory listing issue was found in PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers atEPSS 0.6%CVE-2025-56815HIGHDatart 1.0.0-rc.3 is vulnerable to Directory Traversal in the POST /viz/image interface, since the server directly uses MultipartFile.transfEPSS 0.6%CVE-2023-6032MEDIUM A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause a file systeEPSS 0.6%CVE-2024-37231HIGHWordPress Salon booking system plugin <= 9.9 - Arbitrary File Deletion vulnerabilityEPSS 0.6%CVE-2026-3405LOWthinkgem JeeSite Connection path traversalEPSS 0.6%CVE-2023-7249MEDIUMImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText OpenText Directory Services allows EPSS 0.6%CVE-2021-46856HIGHThe multi-screen collaboration module has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confEPSS 0.6%CVE-2026-8765MEDIUMKilo-Org kilocode File Diff API Endpoint worktree-diff.ts Bun.file path traversalEPSS 0.6%CVE-2024-24569MEDIUM`ZipSecurity#isBelowCurrentDirectory` is vulnerable to partial-path traversal vulnerabilityEPSS 0.6%CVE-2024-49366HIGHNginx UI's json field can construct a directory traversal payload, causing arbitrary files to be writtenEPSS 0.6%CVE-2026-29870HIGHA directory traversal vulnerability in the agentic-context-engine project versions up to 0.7.1 allows arbitrary file writes via the checkpoiEPSS 0.6%CVE-2025-51480HIGHPath Traversal vulnerability in onnx.external_data_helper.save_external_data in ONNX 1.17.0 allows attackers to overwrite arbitrary files byEPSS 0.6%CVE-2025-46359HIGHA path traversal issue exists in backup and restore feature of multiple versions of PowerCMS. A product administrator may execute arbitrary EPSS 0.6%CVE-2023-26265MEDIUMThe Borg theme before 1.1.19 for Backdrop CMS does not sufficiently sanitize path arguments that are passed in via a URL. The function borg_EPSS 0.6%CVE-2022-44653HIGHA security agent directory traversal vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to escalatEPSS 0.6%CVE-2025-30159MEDIUMKirby vulnerable to path traversal of snippet names in the `snippet()` helperEPSS 0.6%