EPSS
Percentile
84.7%
croogo/croogo is vulnerable to arbitrary file upload. The vulnerability exists when uploading a php file via /croogo/admin/file-manager/attachments/add which allows a malicious user to perform unwanted file uploads.
/croogo/admin/file-manager/attachments/add
github.com/3erk1n/Vulnerabilities
github.com/advisories/GHSA-4pww-fqgh-36hj
github.com/croogo/croogo/issues/898