VYPR

resumable.php

by Resumable.php

CVEs (1)

  • CVE-2023-52086HigDec 26, 2023
    risk 0.00cvss 8.1epss 0.01

    resumable.php (aka PHP backend for resumable.js) 0.1.4 before 3c6dbf5 allows arbitrary file upload anywhere in the filesystem via ../ in multipart/form-data content to upload.php. (File overwrite hasn't been possible with the code available in GitHub in recent years, however.)