Critical severity9.8NVD Advisory· Published Feb 16, 2022· Updated Jun 17, 2026
CVE-2022-24984
CVE-2022-24984
Description
Forms generated by JQueryForm.com before 2022-02-05 (if file-upload capability is enabled) allow remote unauthenticated attackers to upload executable files and achieve remote code execution. This occurs because file-extension checks occur on the client side, and because not all executable content (e.g., .phtml or .php.bak) is blocked.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- JQueryForm.com/JQueryForm.comdescription
- Range: <2022-02-05
Patches
Vulnerability mechanics
References
3- jqueryform.comnvdVendor Advisory
- gist.github.com/pb-nsi/4d0a1ede76d4e97083b3435f820bf560nvdThird Party Advisory
- www.nou-systems.com/cyber-securitynvdThird Party Advisory
News mentions
0No linked articles in our index yet.