ASP.NET MVC 5 jQuery File Upload. Contribute to JMooreWeb/aspnet-jquery-file-upload development by creating an account on GitHub.

Description: jQuery File Upload Plugin 6.4.4 contains an unrestricted file upload caused by lack of validation in server/php/UploadHandler.php, letting remote attackers execute arbitrary PHP code by ...

For at least three years, hackers have abused a zero-day in one of the most popular jQuery plugins to plant web shells and take over vulnerable web servers, ZDNet has learned.

The bug affects the widely used jQuery File Upload widget and allowed an attacker to upload arbitrary files on web servers, including command shells for sending out commands.