Express Fileuploadproject Express Fileupload
By the Year
In 2024 there have been 0 vulnerabilities in Express Fileuploadproject Express Fileupload . Express Fileupload did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 2 | 8.65 |
2021 | 0 | 0.00 |
2020 | 1 | 9.80 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Express Fileupload vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Express Fileuploadproject Express Fileupload Security Vulnerabilities
An arbitrary file write vulnerability in Express-FileUpload v1.3.1
CVE-2022-27261
7.5 - High
- April 12, 2022
An arbitrary file write vulnerability in Express-FileUpload v1.3.1 allows attackers to upload multiple files with the same name, causing an overwrite of files in the web application server.
Unrestricted File Upload
An arbitrary file upload vulnerability in the file upload module of express-fileupload 1.3.1
CVE-2022-27140
9.8 - Critical
- April 12, 2022
An arbitrary file upload vulnerability in the file upload module of express-fileupload 1.3.1 allows attackers to execute arbitrary code via a crafted PHP file. NOTE: the vendor's position is that the observed behavior can only occur with "intentional misusing of the API": the express-fileupload middleware is not responsible for an application's business logic (e.g., determining whether or how a file should be renamed).
Unrestricted File Upload
This affects the package express-fileupload before 1.1.8
CVE-2020-7699
9.8 - Critical
- July 30, 2020
This affects the package express-fileupload before 1.1.8. If the parseNested option is enabled, sending a corrupt HTTP request can lead to denial of service or arbitrary code execution.
Prototype Pollution
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for NetApp Max Data or by Express Fileuploadproject? Click the Watch button to subscribe.