2424 matches found
jQuery < 1.6.3 XSS Vulnerability
jQuery is prone to a cross-site scripting (XSS) vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:jquery:jquery"; if...
JQShell - A Weaponized Version Of CVE-2018-9206 (Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0)
JQShell A weaponized version of CVE-2018-9206 (Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0). Disclaimer Using this against servers you don't control, is illegal in most countries. The author claims no responsibility for the actions of those who use thi...
Scammers use old browser trick to create fake virus download
Tech support scammers are reusing an old technique in their existing browser locker (browlock) schemes to force a special kind of file download. Contrary to past attacks, where the purpose was to flood the machine with a large amount of file requests in order to crash the browser, this one is purel...
Chaturbate: Stored XSS in chat topic due to insecure emoticon parsing on any message type
Description The functionality for adding emoticons into the chat from the serverside perspective is based on a string in the following format: %%%emoticon NAME|EMOTICONURL|WIDTH|HEIGHT|REPORTURL%%% The EMOTICONURL must conform to the following regex: javascript...
jQuery-File-Upload < v9.22.1 (ImageMagick / Ghostscript) - Remote Code Execution Exploit
Exploit for php platform in category web applications jQuery-File-Upload is the second most starred jQuery project on GitHub, after the jQuery framework itself. The project was recently reported to have a three-year-old arbitrary file upload vulnerability that was fixed in the release of v9.22.2,...
Thousands of Applications Vulnerable to RCE via jQuery File Upload
A widely used plugin by Blueimp called jQuery File Upload contains a years-old vulnerability that potentially places 7,800 different software applications at risk for compromise and remote code-execution (RCE). jQuery File Upload is a user-contributed open-source package for software developer...
GHSA-4CJ8-G9CP-V5WR Unrestricted Upload of File with Dangerous Type in blueimp-file-upload
Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0...
jQuery-File-Upload Arbitrary File Upload Vulnerability (Remote Check)
The version of jQuery-File-Upload running on the remote host is affected by an arbitrary file upload vulnerability. An unauthenticated attacker could leverage this vulnerability to gain access to the host in the context of the web application user. %NASLMINLEVEL 70300 (C) Tenable Network Security,...
jQuery File Upload Arbitrary File Upload
The version of jQuery File Upload running on the remote host is affected by an arbitrary file upload vulnerability. An unauthenticated attacker could leverage this vulnerability to gain access to the host in the context of the web application user. Note: This has been detected using an active che...
jQuery File Upload
File upload vulnerability in jQuery File Upload server/php/index.php Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...
Blueimp jQuery-File-Upload Arbitrary File Upload Vulnerability
Blueimp jQuery-File-Upload is a multi-language file upload tool that includes file selection, file drag and drop, progress bar display and image preview. An arbitrary file upload vulnerability exists in Blueimp jQuery-File-Upload 9.22.0 and earlier versions, which can be exploited by remote...
UBUNTU-CVE-2018-9206
Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0...
DEBIAN-CVE-2018-9206
Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0...
Immunity Canvas: JQUERY_FILE_UPLOAD
Name| jqueryfileupload
---|---
CVE| CVE-2018-9206
Exploit Pack| CANVAS
Description| Blueimp jQuery-File-Upload Arbitrary Upload
Notes| CVE Name: CVE-2018-9206 VENDOR: Notes: The exploit tests different paths on the target server Repeatability: Infinite References:...
CVE-2018-9206
Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0...
CVE-2018-9206
CVE-2018-9206 is an unauthenticated arbitrary file upload vulnerability in Blueimp jQuery File Upload, affecting versions up to and including 9.22.0. The initial description and multiple connected sources confirm an arbitrary upload weakness in the plugin’s file-upload handling, which has been de...
jQuery-File-Upload 9.22.0 Arbitrary File Upload Vulnerability
jQuery-File-Upload versions 9.22.0 and below suffer from an unauthenticated arbitrary file upload vulnerability that allows for remote command execution. Title: jQuery-File-Upload 0day.today 2018-10-11...