Vulnerabilities (CVE)

Filtered by vendor Hayageek Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-37504 1 Hayageek 1 Jquery Upload File 2024-02-28 4.3 MEDIUM 6.1 MEDIUM
A cross-site scripting (XSS) vulnerability in the fileNameStr parameter of jQuery-Upload-File v4.0.11 allows attackers to execute arbitrary web scripts or HTML via a crafted file with a Javascript payload in the file name.
CVE-2018-9207 1 Hayageek 1 Jquery Upload File 2024-02-28 7.5 HIGH 9.8 CRITICAL
Arbitrary file upload in jQuery Upload File <= 4.0.2