Arbitrary File Upload vulnerability in VvvebJs before version 1.7.5, allows unauthenticated remote attackers to execute arbitrary code and obtain sensitive information via the sanitizeFileName parameter in save.php.
{ "nvd_published_at": "2024-03-22T04:15:11Z", "cwe_ids": [ "CWE-434" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2024-08-02T13:27:23Z" }