CVE-2018-9206 — Vulnetix

CVE-2018-9206 PUBLISHED

Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0

EPSS 93.78% · 99.9th percentile

Risk Scores

EPSS Score

93.78%

99.9th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:18.04:LTS	libjs-jquery-file-upload	0, 9.19.1-1

Exploit Intelligence

(crowdsec)
(crowdsec)
(crowdsec)
(crowdsec)
(crowdsec)
(crowdsec)
(crowdsec)
(crowdsec)
(crowdsec)
(crowdsec)

…and 228 more exploits

Timeline

Oct 11, 2018 CVE Published
Oct 11, 2018 PoC Published
Oct 23, 2018 PoC Published
Oct 25, 2018 PoC Published
Nov 5, 2018 PoC Published
Nov 5, 2018 PoC Published
Nov 6, 2018 PoC Published
Apr 14, 2021 EPSS Score
Jun 23, 2021 EPSS Score
Sep 1, 2021 CVE Updated
Sep 21, 2021 PoC Published
Oct 26, 2021 EPSS Score

References

https://ubuntu.com/security/CVE-2018-9206 third-party-advisory
https://github.com/blueimp/jQuery-File-Upload/pull/3514 third-party-advisory
http://www.vapidlabs.com/advisory.php?v=204 third-party-advisory
https://github.com/lcashdol/Exploits/tree/master/CVE-2018-9206 third-party-advisory
https://www.cve.org/CVERecord?id=CVE-2018-9206 third-party-advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›