Fallos del tipo CWE-22

4790 resultados
CVE-2024-5548HIGHDirectory Traversal in stitionai/devikaEPSS 1.0%CVE-2024-50508HIGHWordPress Woocommerce Product Design plugin <= 1.0.0 - Arbitrary File Download vulnerabilityEPSS 1.0%CVE-2024-25006HIGHXenForo before 2.2.14 allows Directory Traversal (with write access) by an authenticated user who has permissions to administer styles, and EPSS 1.0%CVE-2020-5001MEDIUMIBM Financial Transaction Manager path traversalEPSS 1.0%CVE-2023-38019HIGHIBM SOAR QRadar Plugin App directory traversalEPSS 1.0%CVE-2024-44867HIGHphpok v3.0 was discovered to contain an arbitrary file read vulnerability via the component /autoload/file.php.EPSS 1.0%CVE-2020-2504MEDIUMAbsolute path traversal vulnerability in QESEPSS 1.0%CVE-2026-25539CRITICALSiYuan has Arbitrary File Write via /api/file/copyFile leading to RCEEPSS 1.0%CVE-2023-52076HIGHRemote Code Execution Vulnerability in Atril's EPUB ebook parsingEPSS 1.0%CVE-2024-3311MEDIUMDreamer CMS ThemesController.java ZipUtils.unZipFiles path traversalEPSS 1.0%CVE-2024-9939HIGHWordPress File Upload <= 4.24.13 - Unauthenticated Path Traversal to Arbitrary File Read in wfu_file_downloader.phpEPSS 1.0%CVE-2024-46898HIGHSHIRASAGI prior to v1.19.1 processes URLs in HTTP requests improperly, resulting in a path traversal vulnerability. If this vulnerability isEPSS 1.0%CVE-2019-25098MEDIUMsoerennb eXtplorer Archive archive.php path traversalEPSS 1.0%CVE-2021-21909MEDIUMSpecially-crafted command line arguments can lead to arbitrary file deletion in the del .cnt|.log file delete command. An attacker can proviEPSS 1.0%CVE-2024-12152HIGHMIPL WC Multisite Sync <= 1.1.5 - Unauthenticated Arbitrary File DownloadEPSS 1.0%CVE-2023-26559MEDIUMA directory traversal vulnerability in Oxygen XML Web Author before 25.0.0.3 build 2023021715 and Oxygen Content Fusion before 5.0.3 build 2EPSS 1.0%CVE-2023-41040MEDIUMGitPython blind local file inclusionEPSS 1.0%CVE-2023-25802HIGHRoxy-WI has Path Traversal vulnerabilityEPSS 1.0%CVE-2023-1002MEDIUMMuYuCMS index.php path traversalEPSS 1.0%CVE-2024-4098CRITICALShariff Wrapper <= 4.6.13 - Unauthenticated Local File InclusionEPSS 1.0%