CWE-22 vulnerabilities

4,722 results
CVE-2025-1035 [MEDIUM] Path Traversal in Komtera Technologies' KLog Server (EPSS 9.8%)
CVE-2025-27210 [HIGH] An incomplete fix has been identified for CVE-2025-23084 in Node.js, specifically affecting Windows device names like CON, PRN, and AUX. (EPSS 9.8%)
CVE-2020-15644 [HIGH] This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Althoug (EPSS 9.3%)
CVE-2020-6142 [CRITICAL] A remote code execution vulnerability exists in the Modules.php functionality of OS4Ed openSIS 7.3. A specially crafted HTTP request can cau (EPSS 9.2%)
CVE-2026-20148 [MEDIUM] Cisco Identity Services Engine Path Traversal Vulnerability (EPSS 9.2%)
CVE-2025-4524 [CRITICAL] Madara – Responsive and modern WordPress theme for manga sites <= 2.2.2 - Unauthenticated Local File Inclusion (EPSS 9.1%)
CVE-2025-3577 [MEDIUM] **UNSUPPORTED WHEN ASSIGNED** A path traversal vulnerability in the web management interface of the Zyxel AMG1302-T10B firmware version 2.00 (EPSS 9.0%)
CVE-2019-3474 [MEDIUM] Path traversal vulnerability in Filr web application (EPSS 9.0%)
CVE-2023-35843 [HIGH] NocoDB through 0.106.0 (or 0.109.1) has a path traversal vulnerability that allows an unauthenticated attacker to access arbitrary files on (EPSS 8.9%)
CVE-2018-1002208 SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in (EPSS 8.9%)
CVE-2026-22218 [HIGH] Chainlit < 2.9.4 Arbitrary File Read via /project/element (EPSS 8.8%)
CVE-2023-0241 pgAdmin 4 versions prior to v6.19 contains a directory traversal vulnerability. A user of the product may change another user's settings or (EPSS 8.8%)
CVE-2017-6020 Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA software versions prior to version 4.1.0.3237 do not neutralize e (EPSS 8.7%)
CVE-2022-48362 [HIGH] Zoho ManageEngine Desktop Central and Desktop Central MSP before 10.1.2137.2 allow directory traversal via computerName to AgentLogUploadSer (EPSS 8.7%)
CVE-2025-53120 [CRITICAL] Securden Unified PAM Path Traversal In File Upload (EPSS 8.6%)
CVE-2018-3714 node-srv node module suffers from a Path Traversal vulnerability due to lack of validation of url, which allows a malicious user to read con (EPSS 8.6%)
CVE-2022-32275 [HIGH] Grafana 8.4.3 allows reading files via (for example) a /dashboard/snapshot/%7B%7Bconstructor.constructor'/.. /.. /.. /.. /.. /.. /.. /.. /et (EPSS 8.5%)
CVE-2021-21064 [MEDIUM] Magento UPWARD-php Path traversal vulnerability via UPWARD Connector (EPSS 8.5%)
CVE-2026-34619 [HIGH] ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) (EPSS 8.5%)
CVE-2022-45783 [MEDIUM] An issue was discovered in dotCMS core 4.x through 22.10.2. An authenticated directory traversal vulnerability in the dotCMS API can lead to (EPSS 8.5%)