Fallos del tipo CWE-22

4794 resultados
CVE-2025-61923MEDIUMPrestaShop Checkout Backoffice directory traversal allows arbitrary file disclosureEPSS 0.8%CVE-2024-32117MEDIUMAn improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiManager version 7.EPSS 0.8%CVE-2024-54148HIGHGogs has a Path Traversal in file editing UIEPSS 0.8%CVE-2024-13981CRITICALLiveBos UploadFile.do Arbitrary File UploadEPSS 0.8%CVE-2025-67160HIGHAn issue in Vatilon v1.12.37-20240124 allows attackers to access sensitive directories and files via a directory traversal.EPSS 0.8%CVE-2024-46646MEDIUMeNMS up to 4.7.1 is vulnerable to Directory Traversal via /download/file.EPSS 0.8%CVE-2025-34173MEDIUMNetgate pfSense CE Snort package v4.1.6_25 Directory Traversal Information DisclosureEPSS 0.8%CVE-2024-8163MEDIUMChengdu Everbrite Network Technology BeikeShop files destroyFiles path traversalEPSS 0.8%CVE-2026-38993MEDIUMCockpit 2.13.5 and earlier is vulnerable to directory traversal via the Buckets component. This vulnerability allows authenticated attackersEPSS 0.8%CVE-2024-50336MEDIUMmatrix-js-sdk has insufficient MXC URI validation which allows client-side path traversalEPSS 0.8%CVE-2024-57451HIGHChestnutCMS <=1.5.0 has a directory traversal vulnerability in contentcore.controller.FileController#getFileList, which allows attackers to EPSS 0.8%CVE-2025-50735HIGHDirectory traversal vulnerability in NextChat thru 2.16.0 due to the WebDAV proxy failing to canonicalize or reject dot path segments in itsEPSS 0.8%CVE-2024-5550MEDIUMExposure of Sensitive Information via Arbitrary System Path Lookup in h2oai/h2o-3EPSS 0.8%CVE-2025-11941MEDIUMe107 CMS Avatar image.php path traversalEPSS 0.8%CVE-2023-26045CRITICALNodeBB vulnerable to path traversal and code execution via prototype vulnerabilityEPSS 0.8%CVE-2024-1790MEDIUMAjax Load More <= 7.0.1 - Authenticated (Admin+) Directory Traversal to Arbitrary File ReadEPSS 0.8%CVE-2025-0461MEDIUMShanghai Lingdang Information Technology Lingdang CRM index.php path traversalEPSS 0.8%CVE-2025-4828CRITICALSupport Board <= 3.8.0 - Unauthenticated Arbitrary File DeletionEPSS 0.8%CVE-2024-27279MEDIUMDirectory traversal vulnerability exists in a-blog cms Ver.3.1.x series Ver.3.1.9 and earlier, Ver.3.0.x series Ver.3.0.30 and earlier, Ver.EPSS 0.8%CVE-2026-42605HIGHAzuraCast: Path Traversal in `currentDirectory` Parameter Enables Remote Code Execution via Media UploadEPSS 0.8%