Ravishanker Kusuma

2 exploits Active since Nov 2018
CVE-2018-9207 NOMISEC CRITICAL WORKING POC
jQuery Upload File <= 4.0.2 - Arbitrary File Upload
Arbitrary file upload in jQuery Upload File <= 4.0.2
CVSS 9.8
CVE-2021-37504 WRITEUP MEDIUM WRITEUP
jquery_upload_file 4.0.11 - Cross-Site Scripting via fileNameStr Parameter
A cross-site scripting (XSS) vulnerability in the fileNameStr parameter of jQuery-Upload-File v4.0.11 allows attackers to execute arbitrary web scripts or HTML via a crafted file with a Javascript payload in the file name.
CVSS 6.1