55 matches found

vulnersOsv
added 2022/02/26 12:0 a.m. | 1 views

method-crm (=0.1.0) potentially affected by CVE-2021-37504 via jquery-file-upload (=4.0.11)

jquery-file-upload NPM version =4.0.11 is affected by a known vulnerability. The following packages have a transitive dependency on jquery-file-upload and may be impacted:
- method-crm =0.1.0

Source cves: CVE-2021-37504
Source advisory: OSV:GHSA-43X9-7HFV-MXRF...

CVSS 6.1 | AI score 6.3 | EPSS 0.00874
Exploits 0

NVD
added 2020/02/08 6:15 p.m. | 12 views

CVE-2014-8739

Unrestricted file upload vulnerability in server/php/UploadHandler.php in the jQuery File Upload Plugin 6.4.4 for jQuery, as used in the Creative Solutions Creative Contact Form (formerly Sexy Contact Form) before 1.0.0 for WordPress and before 2.0.1 for Joomla!, allows remote attackers to execute...

CVSS 9.8 | AI score 9.8 | EPSS 0.91656
Exploits 2 | References 8

CVE
added 2020/02/08 5:21 p.m. | 194 views

CVE-2014-8739

CVE-2014-8739: Unrestricted file upload in the jQuery File Upload Plugin 6.4.4, used by Creative Solutions Sexy Contact Form (WordPress <= 1.0.0, Joomla! <= 2.0.1), allows remote attackers to upload a PHP file via UploadHandler.php and execute code by requesting the file in the installed f...

CVSS 9.8 | AI score 9.7 | EPSS 0.91656
Exploits 2 | References 8 | Affected Software 2

Cvelist
added 2020/02/08 5:21 p.m. | 18 views

CVE-2014-8739

Unrestricted file upload vulnerability in server/php/UploadHandler.php in the jQuery File Upload Plugin 6.4.4 for jQuery, as used in the Creative Solutions Creative Contact Form (formerly Sexy Contact Form) before 1.0.0 for WordPress and before 2.0.1 for Joomla!, allows remote attackers to execute...

AI score 9.8 | EPSS 0.91656
Exploits 2 | References 8

VulnCheck KEV
added 2020/02/08 12:0 a.m. | 8 views

VulnCheck KEV: CVE-2014-8739

Unrestricted file upload vulnerability in server/php/UploadHandler.php in the jQuery File Upload Plugin 6.4.4 for jQuery, as used in the Creative Solutions Creative Contact Form (formerly Sexy Contact Form) before 1.0.0 for WordPress and before 2.0.1 for Joomla!, allows remote attackers to...

CVSS 9.8 | AI score 7.3 | EPSS 0.91656
Exploits 2 | References 1

Cvelist
added 2019/10/10 4:20 p.m. | 13 views

CVE-2015-9479

The ACF-Frontend-Display plugin through 2015-07-03 for WordPress has arbitrary file upload via an action=upload request to js/blueimp-jQuery-File-Upload-d45deb1/server/php/index.php...

AI score 9.7 | EPSS 0.02774
Exploits 1 | References 1

Exploit DB
added 2019/01/16 12:0 a.m. | 181 views

Blueimp's jQuery File Upload 9.22.0 - Arbitrary File Upload Exploit

Exploit Title: Exploit for Blueimp's jQuery File Upload...

CVSS 9.8 | AI score 9.8 | EPSS 0.97107
Exploits 15

Veracode
added 2018/11/21 2:46 a.m. | 18 views

Arbitrary File Upload

jquery-file-upload is vulnerable to arbitrary file upload attacks. The vulnerability exists in upload.php where an unauthenticated user can upload arbitrary files to the /uploads/ directory...

CVSS 9.8 | AI score 9.4 | EPSS 0.03451
Exploits 2 | References 5 | Affected Software 2

Tenable Nessus
added 2018/11/12 12:0 a.m. | 14 views

jQuery File Upload < 9.24.1 Arbitrary File Upload

According to its self-reported version number, jQuery File Upload is prior to 9.24.1. Therefore, it may be affected by an arbitrary file upload vulnerability on a web server that executes files with .php as part of the file extension. An unauthenticated attacker could leverage this vulnerability ...

AI score 7.6
Exploits 0 | References 1

Tenable Nessus
added 2018/11/12 12:0 a.m. | 15 views

jQuery File Upload < 9.25.1 Potential Vulnerability With ImageMagick

According to its self-reported version number, jQuery File Upload is prior to 9.25.1. Therefore, it may be used to exploit remote code execution in an unpatched ImageMagick version. An unauthenticated attacker could leverage this vulnerability to gain access to the host in the context of the web...

AI score 8.2
Exploits 0 | References 2

Tenable Nessus
added 2018/11/12 12:0 a.m. | 64 views

jQuery File Upload < 9.22.1 Arbitrary File Upload

According to its self-reported version number, jQuery File Upload is prior to 9.22.1. Therefore, it may be affected by an arbitrary file upload vulnerability. An unauthenticated attacker could leverage this vulnerability to gain access to the host in the context of the web application user. Note...

CVSS 9.8 | AI score 7.6 | EPSS 0.97107
Exploits 15 | References 3

Packet Storm
added 2018/11/05 12:0 a.m. | 289 views

blueimp jQuery Arbitrary File Upload

This module requires Metasploit: https://metasploit.com/download. Current source: https://github.com/rapid7/metasploit-framework. Name: blueimp's jQuery Arbitrary File Upload. Description: This module exploits an arbitrary file upload in the sample PHP upload handler for...

AI score 0.1 | EPSS 0.97107
Exploits 15

OpenVAS
added 2018/11/02 12:0 a.m. | 136 views

Blueimp jQuery-File-Upload < 9.24.1 File Upload Vulnerability - Active Check

Blueimp jQuery-File-Upload is prone to an unauthenticated file upload vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS 9.8 | AI score 9.5 | EPSS 0.97107
Exploits 15 | References 2

Check Point Advisories
added 2018/11/01 12:0 a.m. | 10 views

Blueimp jQuery File Upload Remote Code Execution (CVE-2018-9206)

An arbitrary file upload vulnerability has been reported in Blueimp jQuery File Upload Plugin. The vulnerability is due to a failure to adequately sanitize user-supplied input. Successful exploitation of this vulnerability could result in arbitrary code execution...

CVSS 7.5 | AI score 2.8 | EPSS 0.97107
Exploits 15

Kitploit
added 2018/10/29 8:39 p.m. | 247 views

JQShell - A Weaponized Version Of CVE-2018-9206 (Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0)

JQShell: A weaponized version of CVE-2018-9206 (unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0). Disclaimer: Using this against servers you don't control is illegal in most countries. The author claims no responsibility for the actions of those who use thi...

CVSS 9.8 | AI score 9.6 | EPSS 0.97107
Exploits 15 | References 2

0day.today
added 2018/10/25 12:0 a.m. | 76 views

jQuery-File-Upload < v9.22.1 (ImageMagick / Ghostscript) - Remote Code Execution Exploit

Exploit for php platform in category web applications. jQuery-File-Upload is the second most starred jQuery project on GitHub, after the jQuery framework itself. The project was recently reported to have a three-year-old arbitrary file upload vulnerability that was fixed in the release of v9.22.2,...

Exploits 0

ThreatPost
added 2018/10/23 12:31 p.m. | 740 views

Thousands of Applications Vulnerable to RCE via jQuery File Upload

A widely used plugin by Blueimp called jQuery File Upload contains a years-old vulnerability that potentially places 7,800 different software applications at risk for compromise and remote code-execution (RCE). jQuery File Upload is a user-contributed open-source package for software developer...

CVSS 7.5 | AI score 9.8 | EPSS 0.97107
Exploits 15 | References 4

OSV
added 2018/10/22 6:53 p.m. | 0 views

GHSA-4CJ8-G9CP-V5WR Unrestricted Upload of File with Dangerous Type in blueimp-file-upload

Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0...

CVSS 9.8 | AI score 7.3 | EPSS 0.97107
Exploits 15 | References 9

Tenable Nessus
added 2018/10/22 12:0 a.m. | 1197 views

jQuery-File-Upload Arbitrary File Upload Vulnerability (Remote Check)

The version of jQuery-File-Upload running on the remote host is affected by an arbitrary file upload vulnerability. An unauthenticated attacker could leverage this vulnerability to gain access to the host in the context of the web application user. (C) Tenable Network Security,...

CVSS 9.8 | AI score 8.5 | EPSS 0.97107
Exploits 15 | References 5

Tenable Nessus
added 2018/10/19 12:0 a.m. | 64 views

jQuery File Upload Arbitrary File Upload

The version of jQuery File Upload running on the remote host is affected by an arbitrary file upload vulnerability. An unauthenticated attacker could leverage this vulnerability to gain access to the host in the context of the web application user. Note: This has been detected using an active che...

CVSS 9.8 | AI score 7.7 | EPSS 0.97107
Exploits 15 | References 3