RichFilemanager icon indicating copy to clipboard operation
RichFilemanager copied to clipboard
verified publisher icon psolom

Fix CVE-2018-9206 Remote code execution vulnerability in jQuery-File-Upload

Open bart-v opened this issue 7 years ago • 2 comments

RichFilemanager statically includes jQuery-File-Upload version 9.12.1. All versions prior to v9.22.1 contain an unauthenticated arbitrary file upload vulnerability: http://www.vapidlabs.com/advisory.php?v=204

bart-v avatar Oct 22 '18 19:10 bart-v

i just got hacked from this

okwme avatar Jan 07 '19 16:01 okwme

+1

hanimayahi avatar Apr 30 '19 14:04 hanimayahi