Critical severityNVD Advisory· Published Oct 11, 2018· Updated Nov 4, 2025
CVE-2018-9206
CVE-2018-9206
Description
Unauthenticated arbitrary file upload vulnerability in Blueimp jQuery-File-Upload <= v9.22.0
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
blueimp-file-uploadnpm | < 9.22.1 | 9.22.1 |
Affected products
1- Range: unspecified
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
11- www.exploit-db.com/exploits/45790/mitreexploitx_refsource_EXPLOIT-DB
- www.exploit-db.com/exploits/46182/mitreexploitx_refsource_EXPLOIT-DB
- github.com/advisories/GHSA-4cj8-g9cp-v5wrghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-9206ghsaADVISORY
- www.securityfocus.com/bid/105679ghsavdb-entryx_refsource_BIDWEB
- www.securityfocus.com/bid/106629ghsavdb-entryx_refsource_BIDWEB
- www.vapidlabs.com/advisory.phpghsax_refsource_MISCWEB
- wpvulndb.com/vulnerabilities/9136ghsax_refsource_MISCWEB
- www.exploit-db.com/exploits/45790ghsaWEB
- www.exploit-db.com/exploits/46182ghsaWEB
- www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.htmlghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.