CVE-2022-26315

qrcp through 0.8.4, in receive mode, allows ../ Directory Traversal via the file name specified by the uploader.