Weaknesses of type CWE-22
4,766 resultsCVE-2018-4861—A vulnerability has been identified in SCALANCE M875 (All versions). An authenticated remote attacker with access to the web interface (443/EPSS 1.9%CVE-2021-28206MEDIUMASUS BMC's firmware: path traversal - Record video file functionEPSS 1.9%CVE-2021-28209MEDIUMASUS BMC's firmware: path traversal - Delete video file functionEPSS 1.9%CVE-2021-28207MEDIUMASUS BMC's firmware: path traversal - Get Help file functionEPSS 1.9%CVE-2021-28208MEDIUMASUS BMC's firmware: path traversal - Get video file functionEPSS 1.9%CVE-2021-28205MEDIUMASUS BMC's firmware: path traversal - Delete SOL video file functionEPSS 1.9%CVE-2022-23612HIGHDirectory Traversal in OpenMRS Startup FilterEPSS 1.9%CVE-2020-6974—Honeywell Notifier Web Server (NWS) Version 3.50 is vulnerable to a path traversal attack, which allows an attacker to bypass access to restEPSS 1.9%CVE-2025-27222HIGHTRUfusion Enterprise through 7.10.4.0 uses the /trufusionPortal/getCobrandingData endpoint to retrieve files. However, the application doesnEPSS 1.9%CVE-2021-24363—Photo Gallery < 1.5.75 - File Upload Path TraversalEPSS 1.9%CVE-2026-54066HIGHSiYuan: Path Traversal via Double URL Encoding in /assets/*path (publish mode arbitrary file─read)EPSS 1.9%CVE-2025-25163HIGHWordPress Plugin A/B Image Optimizer Plugin <= 3.3 - Arbitrary File Download vulnerabilityEPSS 1.9%CVE-2022-41154HIGHA directory traversal vulnerability exists in the m2m DELETE_FILE cmd functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specialEPSS 1.9%CVE-2022-44006CRITICALAn issue was discovered in BACKCLICK Professional 5.9.63. Due to improper validation or sanitization of upload filenames, an externally reacEPSS 1.9%CVE-2021-21886MEDIUMA directory traversal vulnerability exists in the Web Manager FSBrowsePage functionality of Lantronix PremierWave 2050 8.9.0.0R4. A speciallEPSS 1.9%CVE-2023-22887—Apache Airflow path traversal by authenticated userEPSS 1.9%CVE-2024-32258HIGHThe network server of fceux 2.7.0 has a path traversal vulnerability, allowing attackers to overwrite any files on the server without authenEPSS 1.9%CVE-2021-43840MEDIUMPath traversal in message_busEPSS 1.9%CVE-2024-22779HIGHDirectory Traversal vulnerability in Kihron ServerRPExposer v.1.0.2 and before allows a remote attacker to execute arbitrary code via the loEPSS 1.9%CVE-2018-5445—A Path Traversal issue was discovered in Advantech WebAccess/SCADA versions prior to V8.2_20170817. An attacker has read access to files witEPSS 1.9%