Описание
Unrestricted Upload of File with Dangerous Type in blueimp-file-upload
Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-9206
- https://github.com/advisories/GHSA-4cj8-g9cp-v5wr
- https://wpvulndb.com/vulnerabilities/9136
- https://www.exploit-db.com/exploits/45790
- https://www.exploit-db.com/exploits/46182
- https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
- http://www.securityfocus.com/bid/105679
- http://www.securityfocus.com/bid/106629
- http://www.vapidlabs.com/advisory.php?v=204
Пакеты
Наименование
blueimp-file-upload
npm
Затронутые версииВерсия исправления
<= 9.22.0
9.22.1
Связанные уязвимости
CVSS3: 9.8
ubuntu
больше 7 лет назад
Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0
CVSS3: 9.8
nvd
больше 7 лет назад
Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0
CVSS3: 9.8
debian
больше 7 лет назад
Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery- ...