0.001 Low
EPSS
Percentile
36.3%
express-cart is vulnerable to arbitrary file upload. The vulnerability exists due to a lack of sanity check on the path and size of the uploaded file.
github.com/mrvautin/expressCart/commit/65b18cfe426fa217aa6ada1d4162891883137893
hackerone.com/patrickrbc
hackerone.com/reports/343726