Lucene search

Jquery File Upload Security Vulnerabilities

cve

CVE-2021-37504

A cross-site scripting (XSS) vulnerability in the fileNameStr parameter of jQuery-Upload-File v4.0.11 allows attackers to execute arbitrary web scripts or HTML via a crafted file with a Javascript payload in the file...

6.1CVSS

5.9AI Score

0.002EPSS

2022-02-25 07:15 PM

cve

CVE-2014-8739

Unrestricted file upload vulnerability in server/php/UploadHandler.php in the jQuery File Upload Plugin 6.4.4 for jQuery, as used in the Creative Solutions Creative Contact Form (formerly Sexy Contact Form) before 1.0.0 for WordPress and before 2.0.1 for Joomla!, allows remote attackers to execute....

9.8CVSS

9.7AI Score

0.931EPSS

2020-02-08 06:15 PM

155

cve

CVE-2018-9207

Arbitrary file upload in jQuery Upload File <=...

9.8CVSS

9.4AI Score

0.006EPSS

2018-11-19 05:29 PM

cve

CVE-2018-9208

Unauthenticated arbitrary file upload vulnerability in jQuery Picture Cut <=...

9.8CVSS

9.5AI Score

0.005EPSS

2018-11-05 02:00 PM

cve

CVE-2018-9206

Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <=...

9.8CVSS

9.3AI Score

0.967EPSS

2018-10-11 03:29 PM

160