Weaknesses of type CWE-22
4,790 resultsCVE-2024-8769CRITICALArbitrary File Deletion via Relative Path Traversal in aimhubio/aimEPSS 0.8%CVE-2023-27475HIGHGoutil vulnerable to path traversal when unzipping filesEPSS 0.8%CVE-2025-29420HIGHPerfreeBlog v4.0.11 has a directory traversal vulnerability in the getThemeFilesByName function.EPSS 0.8%CVE-2023-40280HIGHAn issue was discovered in OpenClinic GA 5.247.01. An attacker can perform a directory path traversal via the Page parameter in a GET requesEPSS 0.8%CVE-2023-2315HIGHPath Traversal in OpenCart versions 4.0.0.0 to 4.0.2.2EPSS 0.8%CVE-2025-54926HIGHCWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists that could cause remote code exeEPSS 0.8%CVE-2020-36629MEDIUMSimbCo httpster server.coffee fs.realpathSync path traversalEPSS 0.8%CVE-2023-44251HIGH** UNSUPPORTED WHEN ASSIGNED **A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability [CWE-22] in FoEPSS 0.8%CVE-2024-22328HIGHIBM Maximo Application Suite information disclosureEPSS 0.8%CVE-2022-45374HIGHWordPress Yet Another Related Posts Plugin (YARPP) plugin <= 5.30.4 - Local File InclusionEPSS 0.8%CVE-2024-48071MEDIUME-cology has a directory traversal vulnerability. An attacker can exploit this vulnerability to delete the server directory, causing the serEPSS 0.8%CVE-2026-2743CRITICALSEPPmail User Web Interface Arbitrary File Write to RCEEPSS 0.8%CVE-2024-13409HIGHPost Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget <= 1.6.10 - Authenticated (Contributor+) Local File Inclusion via post_type_ajax_handler()EPSS 0.8%CVE-2024-57170MEDIUMSOPlanning 1.53.00 is vulnerable to a directory traversal issue in /process/upload.php. The "fichier_to_delete" parameter allows authenticatEPSS 0.8%CVE-2024-28335CRITICALLektor before 3.3.11 does not sanitize DB path traversal. Thus, shell commands might be executed via a file that is added to the templates dEPSS 0.8%CVE-2023-30268CRITICALCLTPHP <=6.0 is vulnerable to Improper Input Validation.EPSS 0.8%CVE-2023-41877HIGHGeoServer log file path traversal vulnerabilityEPSS 0.8%CVE-2025-69874CRITICALnanotar through 0.2.0 has a path traversal vulnerability in parseTar() and parseTarGzip() that allows remote attackers to write arbitrary fiEPSS 0.8%CVE-2016-15055HIGHJVC VN-T IP-Camera Directory Traversal via check.cgiEPSS 0.8%CVE-2022-45829HIGHWordPress Easy WP SMTP Plugin <= 1.5.1 is vulnerable to Arbitrary File DeletionEPSS 0.8%