Free Trial

file-upload-with-preview up to 4.1.x Filename cross site scripting

A vulnerability was found in file-upload-with-preview up to 4.1.x. It has been rated as problematic. Affected by this issue is some unknown processing of the component Filename Handler. Upgrading to version 4.2.0 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2023-32306 : TIME TRACKER UP TO 1.22.13.5791 REPORTS.PHP SQL INJECTION

CVE-2023-32306 : TIME TRACKER UP TO 1.22.13.5791 REPORTS.PHP SQL INJECTION

Description Rockwell Automation was made aware that Kinetix 5500 drives, manufactured between May 2022 and January 2023, and are running

Learn more
CVE-2023-1834 : ROCKWELL AUTOMATION KINETIX 5500 7.13 TELNET/FTP ACCESS CONTROL

CVE-2023-1834 : ROCKWELL AUTOMATION KINETIX 5500 7.13 TELNET/FTP ACCESS CONTROL

Description Rockwell Automation was made aware that Kinetix 5500 drives, manufactured between May 2022 and January 2023, and are running

Learn more
CVE-2023-2645 : USR USR-G806 1.0.41 WEB MANAGEMENT PAGE USERNAME/PASSWORD HARD-CODED PASSWORD

CVE-2023-2645 : USR USR-G806 1.0.41 WEB MANAGEMENT PAGE USERNAME/PASSWORD HARD-CODED PASSWORD

Description A vulnerability, which was classified as critical, was found in USR USR-G806 1.0.41. Affected is an unknown function of

Learn more