PT-2025-29142 · Unknown +1 · Jquery File Upload +2

Name of the Vulnerable Software and Affected Versions: BuilderEngine version 3.5.0 Description: An unrestricted file upload issue exists due to the integration of elFinder 2.0 and the jQuery File Upload plugin. The plugin does not properly validate or restrict file types or locations during uploa...

CVE-2014-8739

Unrestricted file upload vulnerability in server/php/UploadHandler.php in the jQuery File Upload Plugin 6.4.4 for jQuery, as used in the Creative Solutions Creative Contact Form formerly Sexy Contact Form before 1.0.0 for WordPress and before 2.0.1 for Joomla!, allows remote attackers to execute...

CVE-2014-8739

Unrestricted file upload vulnerability in server/php/UploadHandler.php in the jQuery File Upload Plugin 6.4.4 for jQuery, as used in the Creative Solutions Creative Contact Form formerly Sexy Contact Form before 1.0.0 for WordPress and before 2.0.1 for Joomla!, allows remote attackers to execute...

CVE-2014-8739

CVE-2014-8739 : Unrestricted file upload in the jQuery File Upload Plugin 6.4.4, used by Creative Solutions Sexy Contact Form (WordPress <= 1.0.0, Joomla! <= 2.0.1), allows remote attackers to upload a PHP file via UploadHandler.php and execute code by requesting the file in the installed f...