0.007 Low
EPSS
Percentile
80.4%
express-fileupload is vulnerable to arbitrary file upload. It does not restrict an attacker from uploading a malicious PHP file to execute arbitrary code.
www.youtube.com/watch?v=4XpofFi84KI