Security Advisory

CVE-2023-52086

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-12-26 00:00:00

Last updated 2024-08-02 22:48:12

Assigner mitre

State PUBLISHED

Description

resumable.php (aka PHP backend for resumable.js) 0.1.4 before 3c6dbf5 allows arbitrary file upload anywhere in the filesystem via ../ in multipart/form-data content to upload.php. (File overwrite hasnt been possible with the code available in GitHub in recent years, however.)

← Browse all CVEs View on cve.org ↗