VYPR
Vendor

Express Fileupload

Products
1
CVEs
1
Across products
1
Status
Private

Products

1

Recent CVEs

1
  • CVE-2022-27140CriApr 12, 2022
    risk 0.64cvss 9.8epss 0.03

    An arbitrary file upload vulnerability in the file upload module of express-fileupload 1.3.1 allows attackers to execute arbitrary code via a crafted PHP file. NOTE: the vendor's position is that the observed behavior can only occur with "intentional misusing of the API": the…