Weaknesses of type CWE-22

4,827 results
CVE-2025-49830HIGHConjur OSS and Secrets Manager, Self-Hosted (formerly Conjur Enterprise) vulnerable to path traversal and file disclosureEPSS 0.5%CVE-2026-49766CRITICALWordPress WP User Manager plugin <= 2.9.16 - Arbitrary File Deletion vulnerabilityEPSS 0.5%CVE-2025-66410HIGHGin-vue-admin has an arbitrary file deletion vulnerabilityEPSS 0.5%CVE-2025-46096MEDIUMDirectory Traversal vulnerability in solon v.3.1.2 allows a remote attacker to conduct XSS attacks via the solon-faas-luffy componentEPSS 0.5%CVE-2026-49238HIGHSFTP Server VM Escape in Canonical MultipassEPSS 0.5%CVE-2023-25579MEDIUMDirectory traversal in Nextcloud serverEPSS 0.5%CVE-2022-4494MEDIUMbspkrs MCPMappingViewer ZIP File RemoteZipHandler.java extractZip path traversalEPSS 0.5%CVE-2026-33293HIGHAVideo Affected by Arbitrary File Deletion via Path Traversal in CloneSite deleteDump ParameterEPSS 0.5%CVE-2025-15577HIGHValmet DNA Web server arbitrary file read accessEPSS 0.5%CVE-2026-25992HIGHSiYuan has a File Read Interface Case Bypass VulnerabilityEPSS 0.5%CVE-2025-35055HIGHNewforma Info Exchange (NIX) insecure file uploadEPSS 0.5%CVE-2025-24960HIGHMissing Input validation for filename in backups endpoint in JellystatEPSS 0.5%CVE-2024-47557HIGHPre-Auth RCE via Path TraversalEPSS 0.5%CVE-2024-47556HIGHPre-Auth RCE via Path TraversalEPSS 0.5%CVE-2023-37385HIGHWordPress Consulting theme <= 6.5.6 - Local File InclusionEPSS 0.5%CVE-2024-8291MEDIUMConcrete CMS Stored XSS in Image Editor Background ColorEPSS 0.5%CVE-2023-29502MEDIUMPTC Vuforia Studio Path TraversalEPSS 0.5%CVE-2026-25525MEDIUMOpenMage LTS has Path Traversal Filter Bypass in Dataflow ModuleEPSS 0.5%CVE-2025-30596MEDIUMWordPress include-file plugin <= 1 - Arbitrary File Download VulnerabilityEPSS 0.5%CVE-2026-22249HIGHDocmost affected by an Arbitrary File Write via Zip Import Feature (ZipSlip)EPSS 0.5%