Packagist (Composer) package
oneup/uploader-bundle
pkg:composer/oneup/uploader-bundle
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-5237 | — | >= 2.0.0, < 2.1.5 | 2.1.5 | Feb 5, 2020 | Multiple relative path traversal vulnerabilities in the oneup/uploader-bundle before 1.9.3 and 2.1.5 allow remote attackers to upload, copy, and modify files on the filesystem (potentially leading to arbitrary code execution) via the (1) filename parameter to BlueimpController.ph |
- CVE-2020-5237Feb 5, 2020affected >= 2.0.0, < 2.1.5fixed 2.1.5
Multiple relative path traversal vulnerabilities in the oneup/uploader-bundle before 1.9.3 and 2.1.5 allow remote attackers to upload, copy, and modify files on the filesystem (potentially leading to arbitrary code execution) via the (1) filename parameter to BlueimpController.ph