Fallos del tipo CWE-22

4821 resultados
CVE-2025-26540HIGHWordPress Helloprint Plugin <= 2.0.7 - Arbitrary File Deletion vulnerabilityEPSS 0.7%CVE-2026-29220MEDIUMApache OFBiz: Low-Privilege LFI in Content ComponentEPSS 0.7%CVE-2023-38511MEDIUMiTop Dashboard editor vulnerable dashboard config file parameterEPSS 0.7%CVE-2023-29128LOWA vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versiEPSS 0.7%CVE-2026-3289MEDIUMSanluan PublicCMS Template Cache Generation TemplateCacheComponent.java saveMetadata path traversalEPSS 0.7%CVE-2023-23700HIGHWordPress OceanWP theme <= 3.4.1 - Authenticated Local File Inclusion vulnerabilityEPSS 0.7%CVE-2023-53907HIGHBludit 3.13.1 Authenticated Arbitrary File Download via Backup PluginEPSS 0.7%CVE-2026-35471CRITICALImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshsEPSS 0.7%CVE-2025-1543MEDIUMiteachyou Dreamer CMS ueditor-1.4.3.3 path traversalEPSS 0.7%CVE-2021-27771HIGHHCL Sametime is susceptible a file transfer service vulnerabilityEPSS 0.7%CVE-2026-35392CRITICALgoshs has an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshs PUT UploadEPSS 0.7%CVE-2026-35393CRITICALImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in goshs POST multipart uploadEPSS 0.7%CVE-2024-55602HIGHPenDoc vulnerable to Arbitrary File Read on updating and downloading templates using Path TraversalEPSS 0.7%CVE-2024-49770HIGHoak's path traversal allows transfer of hidden files within the served root directoryEPSS 0.7%CVE-2025-11746HIGHXStore | Multipurpose WooCommerce Theme <= 9.5.4 - Authenticated (Subscriber+) Local File InclusionEPSS 0.7%CVE-2023-22380MEDIUMPath traversal in GitHub Enterprise Server leading to arbitrary file reading when building a GitHub Pages siteEPSS 0.7%CVE-2026-0963CRITICALImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Crafty ControllerEPSS 0.7%CVE-2023-25689LOWIBM Security Key Lifecycle Manager information disclosureEPSS 0.7%CVE-2026-34911HIGHA malicious actor with access to the network and low privileges could exploit a Path Traversal vulnerability found in UniFi OS devices to acEPSS 0.7%CVE-2024-31462MEDIUMLimited file write in Stable-diffusion-webui - GHSL-2024-010EPSS 0.7%