3 matches found
GHSA-W4M6-X6C2-J5C9 Express-FileUpload Arbitrary File Overwrite
An arbitrary file write vulnerability in Express-FileUpload v1.3.1 allows attackers to upload multiple files with the same name, causing an overwrite of files in the web application server. This vulnerability is debated by the package author...
CVE-2022-27261
An arbitrary file write vulnerability in Express-FileUpload v1.3.1 allows attackers to upload multiple files with the same name, causing an overwrite of files in the web application server...
PT-2022-18338 · Unknown · Express-Fileupload
Name of the Vulnerable Software and Affected Versions: Express-FileUpload version 1.3.1 Description: The issue allows attackers to upload multiple files with the same name, causing an overwrite of files in the web application server. This can be exploited due to an arbitrary file write...