GNU Wget versions prior to 1.18 suffer from an arbitrary file upload vulnerability that may allow for remote code execution.