Fallos del tipo CWE-22
4853 resultadosCVE-2024-45709MEDIUMSolarWinds Web Help Desk Local File Read VulnerabilityEPSS 0.5%CVE-2026-33747HIGHBuildKit vulnerable to malicious frontend causing file escape outside of storage rootEPSS 0.5%CVE-2025-41755MEDIUMArbitrary Read with ubr-logreadEPSS 0.5%CVE-2025-61624MEDIUMAn Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') [CWE-22] vulnerability in Fortinet FortiOS 7.6.0 through 7EPSS 0.5%CVE-2024-38716MEDIUMWordPress Events Calendar for Google plugin <= 2.1.0 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-38772MEDIUMWordPress JetWidgets for Elementor and WooCommerce plugin <= 1.1.7 - Contributor+ Limited Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-38715MEDIUMWordPress ExS Widgets plugin <= 0.3.1 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2023-46988MEDIUMPath Traversal vulnerability in ONLYOFFICE Document Server before v8.0.1 allows a remote attacker to copy arbitrary files by manipulating thEPSS 0.5%CVE-2021-47942HIGHHome Assistant Community Store 1.10.0 Path Traversal Account TakeoverEPSS 0.5%CVE-2024-33541MEDIUMWordPress Better Elementor Addons plugin <= 1.4.1 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2023-47679MEDIUMWordPress Qi Addons For Elementor plugin <= 1.6.3 - Local File Inclusion vulnerabilityEPSS 0.5%CVE-2024-11833HIGHArbitrary Directory Write via Runbooks Artifact UploadEPSS 0.5%CVE-2024-11834HIGHArbitrary File Write via PTRAC ImportEPSS 0.5%CVE-2026-2421MEDIUMilGhera Carta Docente for WooCommerce <= 1.5.0 - Authenticated (Administrator+) Path Traversal to Arbitrary File Deletion via 'cert' ParameterEPSS 0.5%CVE-2024-36267HIGHPath traversal vulnerability exists in Redmine DMSF Plugin versions prior to 3.1.4. If this vulnerability is exploited, a logged-in user mayEPSS 0.5%CVE-2025-8753MEDIUMlinlinjava litemall File delete path traversalEPSS 0.5%CVE-2026-41552CRITICALPath Traversal in PDF Export ModuleEPSS 0.5%CVE-2025-27932HIGHImproper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in the file deletion process of the USB storage EPSS 0.5%CVE-2026-49982HIGHtmp: Type-confusion bypass of _assertPath in tmp@0.2.6 allows path traversal via non-string prefix/postfix/templateEPSS 0.5%CVE-2025-9217MEDIUMSlider Revolution <= 6.7.36 - Authenticated (Contributor+) Arbitrary File Read via 'used_svg' and 'used_images'EPSS 0.5%