Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
express-fileupload project express-fileupload vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-27140
An arbitrary file upload vulnerability in the file upload module of express-fileupload 1.3.1 allows malicious users to execute arbitrary code via a crafted PHP file. NOTE: the vendor's position is that the observed behavior can only occur with "intentional misusing of t...
Express-fileupload Project Express-fileupload 1.3.1
7.5
CVSSv3
CVE-2022-27261
An arbitrary file write vulnerability in Express-FileUpload v1.3.1 allows malicious users to upload multiple files with the same name, causing an overwrite of files in the web application server.
Express-fileupload Project Express-fileupload 1.3.1
9.8
CVSSv3
CVE-2020-7699
This affects the package express-fileupload prior to 1.1.8. If the parseNested option is enabled, sending a corrupt HTTP request can lead to denial of service or arbitrary code execution.
Express-fileupload Project Express-fileupload
Netapp Max Data -
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started