Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

CVE-2022-27261

🗓️ 12 Apr 2022 17:09:15Reported by mitreType 
cve
 cve🔗 web.nvd.nist.gov👁 103 Views

An arbitrary file write vulnerability in Express-FileUpload v1.3.1 allows attackers to upload multiple files with the same name, causing an overwrite of files in the web application server. NV

Show more
Related
Detection
Refs
ReporterTitlePublishedViews
Family
Veracode		Arbitrary File Upload
13 Apr 202208:50
veracode
Github Security Blog		Express-FileUpload Arbitrary File Overwrite
13 Apr 202200:00
github
OSV		Express-FileUpload Arbitrary File Overwrite
13 Apr 202200:00
osv
OSV		CVE-2022-27261
12 Apr 202217:15
osv
NVD		CVE-2022-27261
12 Apr 202217:15
nvd
Prion		Arbitrary file deletion
12 Apr 202217:15
prion
Cvelist		CVE-2022-27261
12 Apr 202216:29
cvelist
IBM Security Bulletins		Security Bulletin: IBM Spectrum Discover is vulnerable to multiple vulnerabilities
20 Jun 202304:41
ibm
Nvd
Node
express-fileupload_projectexpress-fileuploadMatch1.3.1node.js

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
12 Apr 2022 17:15Current
7.5High risk
Vulners AI Score7.5
CVSS24.3
CVSS37.5
EPSS0.00472
CWE-434
cve-2022-27261arbitrary file writeexpress-fileuploadfile upload vulnerabilityoverwrite vulnerabilityweb application security
103
.json
Report