: If you are running version 2.7.5, it is highly recommended to upgrade to a newer, patched version of HTMLy immediately.
POST /upload HTTP/1.1 Content-Type: multipart/form-data htmly 2.7.5 exploit
A: Yes, with proper rules. For example, ModSecurity rules that block ../ in parameters or disallow php5 in multipart/form-data file names will stop the attack. But a patch is still recommended. : If you are running version 2