Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Forms generated by JQueryForm.com before 2022-02-05 allow remote attackers to obtain the URI to any uploaded file by capturing the POST response. When chained with CVE-2022-24984, this could lead to unauthenticated remote code execution on the underlying web server. This occurs because the Unique ID field is contained in the POST response upon submitting a form.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
JqueryForm.com Jquery Form Builder 安全漏洞
Vulnerability Description
JqueryForm.com Jquery Form Builder是JqueryForm.com公司的一个表单生成器。 JqueryForm.com Jquery Form Builder 存在路径遍历漏洞,该漏洞源于在提交表单时,唯一 ID 字段包含在 POST 响应中。JQueryForm.com 在 2022-02-05 之前生成的表单允许远程攻击者通过捕获 POST 响应来获取任何上传文件的 URI。 当与 CVE-2022-24984 链接时,这可能会导致在底层 Web 服务器上执行未经身份验
CVSS Information
N/A
Vulnerability Type
N/A