Weaknesses of type CWE-22
4,827 resultsCVE-2025-3686MEDIUMmisstt123 oasys show image path traversalEPSS 0.6%CVE-2024-51958MEDIUMDirectory traversal vulnerability in the admin api for service thumbnailsEPSS 0.6%CVE-2024-56286HIGHWordPress Classic Addons – WPBakery Page Builder plugin <= 3.0 - Local File Inclusion vulnerabilityEPSS 0.6%CVE-2023-51401MEDIUMWordPress Ultimate Addons for Beaver Builder Premium plugin <= 1.35.13 - Limited Arbitrary File Download vulnerabilityEPSS 0.6%CVE-2025-4329MEDIUM74CMS index path traversalEPSS 0.6%CVE-2024-34521LOWA directory traversal vulnerability exists in the Mavenir SCE Application Provisioning Portal, version PORTAL-LBS-R_1_0_24_0, which allows aEPSS 0.6%CVE-2024-52600MEDIUMStatamic CMS has Path Traversal in Asset UploadEPSS 0.6%CVE-2025-58162MEDIUMMobSF Vulnerable to Arbitrary File Write (AR-Slip) via Absolute Path in .a ExtractionEPSS 0.6%CVE-2025-12923MEDIUMliweiyi ChestnutCMS download resourceDownload path traversalEPSS 0.6%CVE-2024-33557HIGHWordPress XStore Core plugin <= 5.3.8 - Local File Inclusion vulnerabilityEPSS 0.6%CVE-2024-51756LOWcap-std doesn't fully sandbox all the Windows device filenamesEPSS 0.6%CVE-2024-52964MEDIUMAn Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiManager version 7.EPSS 0.6%CVE-2024-6789HIGHPath traversal in M-Files APIEPSS 0.6%CVE-2025-26905HIGHWordPress Estatik plugin <= 4.3.0 - Local File Inclusion vulnerabilityEPSS 0.6%CVE-2026-35174CRITICALChyrp Lite has a Path Traversal to Remote Code ExecutionEPSS 0.6%CVE-2024-35712MEDIUMWordPress Database Cleaner: Clean, Optimize & Repair plugin <= 1.0.5 - Arbitrary File Read vulnerabilityEPSS 0.6%CVE-2025-62356HIGHA path traversal vulnerability in all versions of the Qodo Qodo Gen IDE enables a threat actor to read arbitrary local files in and outside EPSS 0.6%CVE-2023-25305HIGHPolyMC Launcher <= 1.4.3 is vulnerable to Directory Traversal. A mrpack file can be maliciously crafted to create arbitrary files outside ofEPSS 0.6%CVE-2026-29871HIGHA path traversal vulnerability exists in the awesome-llm-apps project in commit e46690f99c3f08be80a9877fab52acacf7ab8251 (2026-01-19) in theEPSS 0.6%CVE-2024-35745HIGHWordPress Strategery Migrations plugin <= 1.0 - Arbitrary File Deletion vulnerabilityEPSS 0.6%