Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
express-fileupload project express-fileupload vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-27261
An arbitrary file write vulnerability in Express-FileUpload v1.3.1 allows malicious users to upload multiple files with the same name, causing an overwrite of files in the web application server.
Express-fileupload Project Express-fileupload 1.3.1
9.8
CVSSv3
CVE-2022-27140
An arbitrary file upload vulnerability in the file upload module of express-fileupload 1.3.1 allows malicious users to execute arbitrary code via a crafted PHP file. NOTE: the vendor's position is that the observed behavior can only occur with "intentional misusing of t...
Express-fileupload Project Express-fileupload 1.3.1
9.8
CVSSv3
CVE-2020-7699
This affects the package express-fileupload prior to 1.1.8. If the parseNested option is enabled, sending a corrupt HTTP request can lead to denial of service or arbitrary code execution.
Express-fileupload Project Express-fileupload
Netapp Max Data -
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started