Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
githubGitHub Advisory DatabaseGHSA-4CJ8-G9CP-V5WR
HistoryOct 22, 2018 - 6:53 p.m.

Unrestricted Upload of File with Dangerous Type in blueimp-file-upload

2018-10-2218:53:56
CWE-434
GitHub Advisory Database
github.com
30

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.967 High

EPSS

Percentile

99.6%

JSON

Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0

CPENameOperatorVersion
blueimp-file-uploadle9.22.0

Related

packetstorm 2
checkpoint_advisories 1
prion 1
wpexploit 2
dsquare 1
zdt 1
veracode 1
kitploit 2
metasploit 1
wpvulndb 2
nessus 3
threatpost 1
exploitpack 2
ubuntucve 1
osv 2
patchstack 1
canvas 1
openvas 2
debiancve 1
cve 1
exploitdb 3
impervablog 1
oracle 1
packetstorm
packetstorm
Blueimp jQuery File Upload 9.22.0 Arbitrary File Upload
2019-01-17 00:00:00
blueimp jQuery Arbitrary File Upload
2018-11-05 00:00:00
checkpoint_advisories
checkpoint_advisories
Blueimp jQuery File Upload Remote Code Execution (CVE-2018-9206)
2018-11-01 00:00:00
prion
prion
Design/Logic Flaw
2018-10-11 15:29:00
wpexploit
wpexploit
Tajer - Unauthenticated Arbitrary File Upload
2018-10-15 00:00:00
Art-Picture-Gallery <= 1.2.9 - Unauthenticated Arbitrary File Upload
2020-04-02 00:00:00
dsquare
dsquare
jQuery File Upload
2018-10-18 00:00:00
zdt
zdt
blueimp jQuery Arbitrary File Upload Exploit
2018-11-05 00:00:00
veracode
veracode
Arbitrary File Upload
2018-10-12 02:43:31
kitploit
kitploit
JQShell - A Weaponized Version Of CVE-2018-9206 (Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0)
2018-10-29 20:39:00
Darksplitz - Exploit Framework
2019-04-04 21:12:00
metasploit
metasploit
blueimp's jQuery (Arbitrary) File Upload
2018-10-23 04:35:42
wpvulndb
wpvulndb
Art-Picture-Gallery <= 1.2.9 - Unauthenticated Arbitrary File Upload
2020-04-02 00:00:00
Tajer - Unauthenticated Arbitrary File Upload
2018-10-15 00:00:00
nessus
nessus
jQuery-File-Upload Arbitrary File Upload Vulnerability (Remote Check)
2018-10-22 00:00:00
Nessus Network Monitor < 6.3.1 Multiple Vulnerabilities (TNS-2023-43)
2023-11-30 00:00:00
Oracle Primavera Unifier Multiple Vulnerabilities (Jan 2019 CPU)
2019-01-18 00:00:00
threatpost
threatpost
Thousands of Applications Vulnerable to RCE via jQuery File Upload
2018-10-23 12:31:06
exploitpack
exploitpack
Blueimps jQuery File Upload 9.22.0 - Arbitrary File Upload Exploit
2019-01-16 00:00:00
jQuery-File-Upload 9.22.0 - Arbitrary File Upload
2018-10-11 00:00:00
ubuntucve
ubuntucve
CVE-2018-9206
2018-10-11 00:00:00
osv
osv
Unrestricted Upload of File with Dangerous Type in blueimp-file-upload
2018-10-22 18:53:56
CVE-2018-9206
2018-10-11 15:29:00
patchstack
patchstack
WordPress Art-Picture-Gallery plugin <= 1.2.9 - Unauthenticated Arbitrary File Upload vulnerability
2020-04-02 00:00:00
canvas
canvas
Immunity Canvas: JQUERY_FILE_UPLOAD
2018-10-11 15:29:00
openvas
openvas
Blueimp jQuery-File-Upload < 9.24.1 File Upload Vulnerability - Active Check
2018-11-02 00:00:00
Tenable Nessus Network Monitor < 6.3.1 Multiple Vulnerabilities (TNS-2023-43)
2023-11-30 00:00:00
debiancve
debiancve
CVE-2018-9206
2018-10-11 15:29:00
cve
cve
CVE-2018-9206
2018-10-11 15:29:00
exploitdb
exploitdb
Blueimp&#039;s jQuery File Upload 9.22.0 - Arbitrary File Upload Exploit
2019-01-16 00:00:00
blueimp&#039;s jQuery 9.22.0 - (Arbitrary) File Upload (Metasploit)
2018-11-06 00:00:00
jQuery-File-Upload 9.22.0 - Arbitrary File Upload
2018-10-11 00:00:00
impervablog
impervablog
CrimeOps of the KashmirBlack Botnet – Part II
2020-10-22 18:55:05
oracle
oracle
Oracle Critical Patch Update Advisory - January 2019
2019-01-15 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.967 High

EPSS

Percentile

99.6%

JSON
Related for GHSA-4CJ8-G9CP-V5WR
packetstorm2checkpoint_advisories1prion1wpexploit2dsquare1zdt1veracode1kitploit2metasploit1wpvulndb2nessus3threatpost1exploitpack2ubuntucve1osv2patchstack1canvas1openvas2debiancve1cve1exploitdb3impervablog1oracle1