Falhas do tipo CWE-22
4.827 resultadosCVE-2026-44307HIGHMako: Path traversal via backslash URI on Windows in TemplateLookupEPSS 0.6%CVE-2024-37089CRITICALWordPress Consulting Elementor Widgets plugin <= 1.3.0 - Unauthenticated Local File Inclusion vulnerabilityEPSS 0.6%CVE-2025-67083MEDIUMDirectory traversal vulnerability in InvoicePlane through 1.6.3 allows unauthenticated attackers to read files from the server. The ability EPSS 0.6%CVE-2025-65878HIGHThe warehouse management system version 1.2 contains an arbitrary file read vulnerability. The endpoint `/file/showImageByPath` does not sanEPSS 0.6%CVE-2024-52396MEDIUMWordPress WOLF plugin <= 1.0.8.3 - CSV Limited Path Traversal vulnerabilityEPSS 0.6%CVE-2025-27937HIGHQuick Agent V3 and Quick Agent V2 contain an issue with improper limitation of a pathname to a restricted directory ('Path Traversal'). If eEPSS 0.6%CVE-2026-30942HIGHFlare has a Path Traversal in /api/avatars/[filename]EPSS 0.6%CVE-2025-41035HIGHPath Traversal vulnerability in appRain CMFEPSS 0.6%CVE-2024-12718MEDIUMBypass extraction filter to modify file metadata outside extraction directoryEPSS 0.6%CVE-2022-20677MEDIUMCisco IOx Application Hosting Environment VulnerabilitiesEPSS 0.6%CVE-2026-44885MEDIUMPortainer: Path traversal in backup archive extraction allows arbitrary file writeEPSS 0.6%CVE-2026-34653HIGHAdobe Commerce | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)EPSS 0.6%CVE-2025-34248HIGHD-Link Nuclias Connect < v1.3.1.4 Directory Traversal to Arbitrary File DeletionEPSS 0.6%CVE-2025-30582HIGHWordPress DyaPress ERP/CRM plugin <= 18.0.2.0 - Local File Inclusion VulnerabilityEPSS 0.6%CVE-2024-41971HIGHWAGO: Arbitrary File Overwrite in Multiple DevicesEPSS 0.6%CVE-2024-26129MEDIUMPrestashop vulnerable to path disclosure in JavaScript variableEPSS 0.6%CVE-2023-44395MEDIUMAutolab has Path Traversal vulnerability in Assessment functionalityEPSS 0.6%CVE-2024-35744HIGHWordPress Upunzipper plugin <= 1.0.0 - Arbitrary File Deletion vulnerabilityEPSS 0.6%CVE-2024-35743HIGHWordPress SC filechecker plugin <= 0.6 - Arbitrary File Deletion vulnerabilityEPSS 0.6%CVE-2024-43955CRITICALWordPress Droip plugin <= 1.1.1 - Unauthenticated Arbitrary File Download/Deletion vulnerabilityEPSS 0.6%