Falhas do tipo CWE-22

4.786 resultados
CVE-2025-30387CRITICALDocument Intelligence Studio On-Prem Elevation of Privilege VulnerabilityEPSS 1.1%CVE-2022-50939HIGHe107 CMS v3.2.1 - Upload Restriction Bypass with Path Traversal File OverrideEPSS 1.1%CVE-2026-1523HIGHPath Traversal in Digitek from Grupo AzkoyenEPSS 1.1%CVE-2024-6885HIGHMaxiBlocks: 2200+ Patterns, 190 Pages, 14.2K Icons & 100 Styles <= 1.9.2 - Authenticated (Subscriber+) Arbitrary File DeletionEPSS 1.1%CVE-2022-24851HIGHStored XSS and path traversal in LDAPAccountManager/lamEPSS 1.1%CVE-2025-54755MEDIUMBIG-IP Configuration utility vulnerabilityEPSS 1.1%CVE-2023-1467MEDIUMSourceCodester Student Study Center Desk Management System POST Parameter path traversalEPSS 1.1%CVE-2024-46375CRITICALBest House Rental Management System 1.0 contains an arbitrary file upload vulnerability in the signup() function of the file rental/admin_clEPSS 1.1%CVE-2026-41463HIGHProjeQtor < 12.4.4 ZipSlip Path Traversal via uploadPlugin.phpEPSS 1.1%CVE-2025-54386HIGHTraefik's Client Plugin is Vulnerable to Path Traversal, Arbitrary File Overwrites and Remote Code ExecutionEPSS 1.1%CVE-2024-6312MEDIUMFunnelforms Free <= 3.7.3.2 - Authenticated (Administrator+) Arbitrary File DeletionEPSS 1.1%CVE-2025-27413MEDIUMPwnDoc Arbitrary File Write to RCE using Path Traversal in template update from backup templates.jsonEPSS 1.1%CVE-2021-32841MEDIUMPath Traversal in SharpZipLibEPSS 1.1%CVE-2023-23547MEDIUMA directory traversal vulnerability exists in the luci2-io file-export mib functionality of Milesight UR32L v32.3.0.5. A specially crafted nEPSS 1.1%CVE-2021-41149HIGHImproper sanitization of target names in toughEPSS 1.1%CVE-2025-46565MEDIUMVite's server.fs.deny bypassed with /. for files under project rootEPSS 1.1%CVE-2022-22685HIGHImproper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology WebDAV Server bEPSS 1.1%CVE-2023-37913CRITICALorg.xwiki.platform:xwiki-platform-office-importer vulnerable to arbitrary server side file writing from account through office converterEPSS 1.1%CVE-2023-1956MEDIUMSourceCodester Online Computer and Laptop Store Image path traversalEPSS 1.1%CVE-2023-23907HIGHA directory traversal vulnerability exists in the server.js start functionality of Milesight VPN v2.0.2. A specially-crafted network requestEPSS 1.1%