Lucene search

16 matches found

OSSF Malicious Packages
added 2026/01/02 10:6 p.m. · 7 views

Malicious code in ent-file-upload-widget-v2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3fa37bcf44d315b1004c09b9e7c5d2089e62db393cec4a977fed97b12e3432b The package ent-file-upload-widget-v2 was found to contain malicious code. Source: ghsa-malware...

6.9 AI score
Exploits 0 · References 1
OSV
added 2026/01/02 10:6 p.m. · 4 views

MAL-2026-13 Malicious code in ent-file-upload-widget-v2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c3fa37bcf44d315b1004c09b9e7c5d2089e62db393cec4a977fed97b12e3432b The package ent-file-upload-widget-v2 was found to contain malicious code. Source: ghsa-malware...

6.8 AI score
Exploits 0 · References 1
EUVD
added 2026/01/02 10:6 p.m. · 4 views

EUVD-2026-0741

Malicious code in ent-file-upload-widget-v2 npm...

6.6 AI score
Exploits 0
CVE
added 2024/07/31 3:38 p.m. · 42 views

CVE-2024-39318

The CVE-2024-39318 entry maps to a concrete DOM-based XSS in the Ibexa Admin UI Bundle file-upload widget. The vulnerability stems from insufficient sanitization of filenames, allowing XSS payloads to be executed during upload when the attacker has upload-permission (typically authenticated edito...

5.4 CVSS · 6 AI score · 0.00099 EPSS
Exploits 0 · References 5
Positive Technologies
added 2024/07/31 12:0 a.m. · 2 views

PT-2024-28442 · Ibexa · Ibexa Admin Ui Bundle

Name of the Vulnerable Software and Affected Versions: Ibexa Admin UI Bundle, affected versions not specified. Description: The file upload widget in the Ibexa Admin UI Bundle is vulnerable to XSS payloads in filenames. Access permission to upload files is required, which is typically only granted ...

5.4 CVSS · 5.2 AI score · 0.00099 EPSS
Exploits 0 · References 14
CNNVD
added 2024/07/31 12:0 a.m. · 1 view

Ibexa Admin UI Security Vulnerability

Ibexa Admin UI is an open source UI interface for Ibexa. Dedicated to the Ibexa Admin UI Bundle. A security vulnerability exists in Ibexa Admin UI that stems from the file upload widget being susceptible to a cross-site scripting payload in the file name...

5.4 CVSS · 5.9 AI score · 0.00099 EPSS
Exploits 0 · References 6
OSV
added 2024/07/27 2:52 a.m. · 4 views

MAL-2024-7811 Malicious code in ent-file-upload-widget (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e476e9a95e121c935215443a2069d17764649684cdf226b5d429ea50a9c8c422 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits 0 · References 1
OSV
added 2023/02/09 12:3 a.m. · 8 views

MAL-2023-34 Malicious code in @chegg/wtai-upload-widget (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ed3e4233e6f2d188d7f2bab940bf8574017cf73a97b440daddc7f4e3176075a3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7.2 AI score
Exploits 0 · References 1
OSV
added 2020/11/30 10:15 p.m. · 2 views

CVE-2020-29441

An issue was discovered in the Upload Widget in OutSystems Platform 10 before 10.0.1019.0. An unauthenticated attacker can upload arbitrary files. In some cases, this attack may consume the available database space (Denial of Service), corrupt legitimate data if files are being processed...

6.5 CVSS · 6.7 AI score · 0.01294 EPSS
Exploits 0 · References 1
NVD
added 2020/11/30 10:15 p.m. · 13 views

CVE-2020-29441

An issue was discovered in the Upload Widget in OutSystems Platform 10 before 10.0.1019.0. An unauthenticated attacker can upload arbitrary files. In some cases, this attack may consume the available database space (Denial of Service), corrupt legitimate data if files are being processed...

7.2 CVSS · 7.1 AI score · 0.01294 EPSS
Exploits 0 · References 1
Prion
added 2020/11/30 10:15 p.m. · 14 views

Design/Logic Flaw

An issue was discovered in the Upload Widget in OutSystems Platform 10 before 10.0.1019.0. An unauthenticated attacker can upload arbitrary files. In some cases, this attack may consume the available database space (Denial of Service), corrupt legitimate data if files are being processed...

6.4 CVSS · 6.6 AI score · 0.01294 EPSS
Exploits 0 · References 1 · Affected Software 1
Cvelist
added 2020/11/30 9:36 p.m. · 12 views

CVE-2020-29441

An issue was discovered in the Upload Widget in OutSystems Platform 10 before 10.0.1019.0. An unauthenticated attacker can upload arbitrary files. In some cases, this attack may consume the available database space (Denial of Service), corrupt legitimate data if files are being processed...

7.2 CVSS · 7.1 AI score · 0.01294 EPSS
Exploits 0 · References 1
CVE
added 2020/11/30 9:36 p.m. · 56 views

CVE-2020-29441

The CVE-2020-29441 issue affects OutSystems Platform 10 prior to 10.0.1019.0 in the Upload Widget. An unauthenticated attacker can upload arbitrary files, which may cause Denial of Service by consuming database space, corrupt legitimate data during asynchronous processing, or deny access to legit...

7.2 CVSS · 6.5 AI score · 0.01294 EPSS
Exploits 0 · References 1 · Affected Software 1
CNNVD
added 2020/11/30 12:0 a.m. · 2 views

Outsystems OutSystems Platform Code Issue Vulnerability

OutSystems Platform is an enterprise-level low-code development platform from OutSystems. The platform is primarily used for the visual development of applications. A code issue vulnerability exists in OutSystems Platform 10 versions prior to 10.0.1019.0, which stems...

7.2 CVSS · 6.8 AI score · 0.01294 EPSS
Exploits 0 · References 2
Exploit DB
added 2018/11/06 12:0 a.m. · 89 views

blueimp's jQuery 9.22.0 - (Arbitrary) File Upload (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "blueimp's jQuery Arbitrary File Upload", 'Description' = %q This module exploits an arbitrary file upload in the sample PHP upload handler for...

9.8 CVSS · 9.6 AI score · 0.93778 EPSS
Exploits 15
Packet Storm
added 2018/11/05 12:0 a.m. · 286 views

blueimp jQuery Arbitrary File Upload

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "blueimp's jQuery Arbitrary File Upload", 'Description' = %q This module exploits an arbitrary file upload in the sample PHP upload handler for...

0.1 AI score · 0.93778 EPSS
Exploits 15