Starryloki

**Name of the Vulnerable Software and Affected Versions** qrcp versions 0.8.4 and earlier **Description** The issue allows for ../ Directory Traversal via the file name specified by the uploader when qrcp is in receive mode. This can potentially lead to unauthorized access to files outside the intended directory. **Recommendations** For versions 0.8.4 and earlier, consider restricting the receive mode functionality until a patch is available to prevent exploitation of the Directory Traversal vulnerability. As a temporary workaround, validate and sanitize file names provided by uploaders to prevent malicious directory traversal.