Startutorial: >> Php Backend For Resumable.js Security Vulnerabilities
resumable.php (aka PHP backend for resumable.js) 0.1.4 before 3c6dbf5 allows arbitrary file upload anywhere in the filesystem via ../ in multipart/form-data content to upload.php. (File overwrite hasn't been possible with the code available in GitHub in recent years, however.)
CVSS Score
8.1
EPSS Score
0.001
Published
2023-12-26