Vulnerabilities > Express Fileupload Project > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-12 | CVE-2022-27140 | Unrestricted Upload of File with Dangerous Type vulnerability in Express-Fileupload Project Express-Fileupload 1.3.1 An arbitrary file upload vulnerability in the file upload module of express-fileupload 1.3.1 allows attackers to execute arbitrary code via a crafted PHP file. | 9.8 |
| 2020-07-30 | CVE-2020-7699 | This affects the package express-fileupload before 1.1.8. | 9.8 |