express-cart unrestricted file upload vulnerability

🗓️ 13 May 2022 01:21:32Reported by GitHub Advisory DatabaseType

Unrestricted file upload vulnerability in express-cart modul

Reporter	Title	Published	Views	Family All 7
CVE	CVE-2018-3758	7 Jun 201821:29	–	cve
Prion	Unrestricted file upload	7 Jun 201821:29	–	prion
Cvelist	CVE-2018-3758	7 Jun 201821:00	–	cvelist
NVD	CVE-2018-3758	7 Jun 201821:29	–	nvd
Hacker One	Node.js third-party modules: Unrestricted file upload (RCE)	26 Apr 201821:54	–	hackerone
Veracode	Arbitrary File Upload	4 Jun 201805:24	–	veracode
OSV	express-cart unrestricted file upload vulnerability	13 May 202201:32	–	osv

Vulners

Node

express\-cart_project express\-cartRange<1.1.7

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2018-3758
hackerone	www.hackerone.com/reports/343726
github	www.github.com/mrvautin/expressCart/commit/65b18cfe426fa217aa6ada1d4162891883137893
github	www.github.com/advisories/GHSA-4w62-cq5r-5mmq

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 May 2022 01:32Current

6.9Medium risk

Vulners AI Score6.9

CVSS29

CVSS38.8

EPSS0.04606

CWE-434