Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

jQuery File Upload unauthenticated arbitrary file upload

Description

jQuery File Upload is a file upload widget with multiple file selection, drag&drop support, progress bars, validation and preview images, audio and video for jQuery.

A change in Apache's Web Server security setting handling exposed users of this plugin to an unrestricted file upload flaw.

Remediation

Upgrade to the latest version of jQuery File Upload. This vulnerability was fixed in jQuery File Upload v9.22.1

References

jQuery-File-Upload <= v9.22.0 unauthenticated arbitrary file upload vulnerability

File Upload Security

Related Vulnerabilities

WordPress Plugin Gallery by BestWebSoft 'php.php' Arbitrary File Upload (3.06)

WordPress Plugin BePro Listings Arbitrary File Upload (2.2.0020)

WordPress Plugin WP Mobile Detector Arbitrary File Upload (3.5)

WordPress Plugin YITH WooCommerce Gift Cards Premium Arbitrary File Upload (3.3.0)

WordPress Plugin WP Githuber MD Arbitrary File Upload (1.4.1)

Severity

High

Classification

CVE-2018-9206 CWE-434 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N

Tags

Unauthenticated File Upload Arbitrary File Creation