Falhas do tipo CWE-22

4.828 resultados
CVE-2026-1588MEDIUMjishenghua jshERP installByPath install path traversalEPSS 0.6%CVE-2023-25050HIGHWordPress Shortcodes Ultimate plugin <= 5.12.6 - Arbitrary File Download vulnerabilityEPSS 0.6%CVE-2026-48020HIGHTraefik StripPrefix Route-Level Auth Bypass via Path NormalizationEPSS 0.6%CVE-2024-6141HIGHWindscribe Directory Traversal Local Privilege Escalation VulnerabilityEPSS 0.6%CVE-2026-5013MEDIUMelecV2 elecV2P :key path.join path traversalEPSS 0.6%CVE-2024-52363MEDIUMIBM InfoSphere Information Server directory traversalEPSS 0.6%CVE-2024-43248HIGHWordPress Bit Form Pro plugin <= 2.6.4 - Unauthenticated Arbitrary File Deletion vulnerabilityEPSS 0.6%CVE-2024-34762CRITICALWordpress Advanced Custom Fields Pro plugin < 6.2.10 - Contributor+ Local File Inclusion vulnerabilityEPSS 0.6%CVE-2023-34216HIGHSecond Order Command-injection Vulnerability in the Key-delete FunctionEPSS 0.6%CVE-2025-58173HIGHFreshRSS vulnerable to authenticated RCE via path traversal inside include()EPSS 0.6%CVE-2025-34048HIGHD-Link DSL-2730U/2750U/2750E Path Traversal Arbitrary File ReadEPSS 0.6%CVE-2024-33628HIGHWordPress XforWooCommerce plugin <= 2.0.2 - Authenticated Local File Inclusion vulnerabilityEPSS 0.6%CVE-2024-51990CRITICALPath traversal via crafted Git repositories in jjEPSS 0.6%CVE-2024-35658HIGHWordPress Checkout Field Editor for WooCommerce (Pro) plugin <= 3.6.2 - Unauthenticated Arbitrary File Deletion vulnerabilityEPSS 0.6%CVE-2025-54450HIGHImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Samsung Electronics MagicINFO 9 Server allowEPSS 0.6%CVE-2024-36079MEDIUMAn issue was discovered in Vaultize 21.07.27. When uploading files, there is no check that the filename parameter is correct. As a result, aEPSS 0.6%CVE-2025-12496MEDIUMZephyr Project Manager <= 3.3.203 - Authenticated (Custom+) Arbitrary File Read And Server-Side Request ForgeryEPSS 0.6%CVE-2026-24469HIGHC++ HTTP Server has Critical Path Traversal Vulnerability in RequestHandler Allowing Arbitrary File ReadEPSS 0.6%CVE-2024-37932HIGHWordPress Woocommerce OpenPos plugin <= 6.4.4 - Unauthenticated Arbitrary File Deletion vulnerabilityEPSS 0.6%CVE-2024-37928HIGHWordPress Jobmonster theme <= 4.7.0 - Unauthenticated Arbitrary File Deletion vulnerabilityEPSS 0.6%