16 matches found
EUVD-2022-0802
Malicious code in bioql PyPI...
CVE-2021-37504
A cross-site scripting XSS vulnerability in the fileNameStr parameter of jQuery-Upload-File v4.0.11 allows attackers to execute arbitrary web scripts or HTML via a crafted file with a Javascript payload in the file name...
Hayageek Jquery Upload File Cross-Site Scripting Vulnerability
Hayageek Jquery Upload File is a jQuery-based file upload plugin from Hayageek's personal developer. Hayageek Jquery Upload File v4.0.11 contains a cross-site scripting vulnerability that could be exploited by attackers to execute arbitrary web script or HTML via a specially crafted file with a...
jQuery-Upload-File XSS in fileNameStr
A cross-site scripting XSS vulnerability in the fileNameStr parameter of jQuery-Upload-File v4.0.11 allows attackers to execute arbitrary web scripts or HTML via a crafted file with a Javascript payload in the file name...
GHSA-43X9-7HFV-MXRF jQuery-Upload-File XSS in fileNameStr
A cross-site scripting XSS vulnerability in the fileNameStr parameter of jQuery-Upload-File v4.0.11 allows attackers to execute arbitrary web scripts or HTML via a crafted file with a Javascript payload in the file name...
CVE-2021-37504
A cross-site scripting XSS vulnerability in the fileNameStr parameter of jQuery-Upload-File v4.0.11 allows attackers to execute arbitrary web scripts or HTML via a crafted file with a Javascript payload in the file name...
CVE-2021-37504
A cross-site scripting XSS vulnerability in the fileNameStr parameter of jQuery-Upload-File v4.0.11 allows attackers to execute arbitrary web scripts or HTML via a crafted file with a Javascript payload in the file name...
Cross site scripting
A cross-site scripting XSS vulnerability in the fileNameStr parameter of jQuery-Upload-File v4.0.11 allows attackers to execute arbitrary web scripts or HTML via a crafted file with a Javascript payload in the file name...
CVE-2021-37504
CVE-2021-37504 concerns an XSS in the fileNameStr parameter of the jQuery-Upload-File library (v4.0.11). Multiple connected sources corroborate that a crafted file name containing a Javascript payload can cause arbitrary web script execution. The root cause is the unsanitized fileNameStr input; e...
CVE-2021-37504
A cross-site scripting XSS vulnerability in the fileNameStr parameter of jQuery-Upload-File v4.0.11 allows attackers to execute arbitrary web scripts or HTML via a crafted file with a Javascript payload in the file name...
PT-2022-10654 · Unknown · Jquery File Upload
Name of the Vulnerable Software and Affected Versions: jQuery-Upload-File version 4.0.11 Description: A cross-site scripting XSS issue exists due to a vulnerability in the fileNameStr parameter, allowing attackers to execute arbitrary web scripts or HTML via a crafted file with a Javascript paylo...
Default credentials
Arbitrary file upload in jQuery Upload File = 4.0.2...
CVE-2018-9207
Arbitrary file upload in jQuery Upload File = 4.0.2...
CVE-2018-9207
Arbitrary file upload in jQuery Upload File = 4.0.2...
CVE-2018-9207
CVE-2018-9207 refers to an arbitrary file upload vulnerability in jquery-file-upload (
CVE-2018-9207
Arbitrary file upload in jQuery Upload File = 4.0.2...