Title: jQuery-File-Upload <= v9.22.0 unauthenticated arbitrary file upload vulnerability
The code in https://github.com/blueimp/jQuery-File-Upload/blob/master/server/php/UploadHandler.php doesn't require any validation to upload files to the server.  It also doesn't exclude file types.  This allows for remote code execution.

The back-end PHP code under server/php/ handles requests from the JavaScript front end.  This code allows any file type to be uploaded, including executable files with .php extensions.  The JavaScript front end sends POST requests to index.php, which in turn loads the UploadHandler class from UploadHandler.php.  Files are then written to the server/php/files directory.

$ curl -F "files=@shell.php" http://localhost/jQuery-File-Upload-9.22.0/server/php/index.php

Where shell.php is:



Or

https://github.com/lcashdol/Exploits/tree/master/CVE-2018-9206
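
The missing file-type check described above, written as a server-side allowlist. This is an added example, not code from jQuery-File-Upload or from this advisory; the function name `safe_upload_name`, the `ALLOWED_TYPES` table and the sample inputs are assumptions constructed for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical allowlist: extension => MIME type the content must sniff as.
const ALLOWED_TYPES = [
    'gif'  => 'image/gif',
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'png'  => 'image/png',
];

// Returns a server-chosen file name when the upload passes the allowlist,
// or null when it must be refused. $clientName is untrusted input.
function safe_upload_name(string $clientName, string $tmpPath): ?string
{
    // Exactly one dot and no path characters: "a.php.gif" and "../a.gif" fail here.
    if (!preg_match('/\A[A-Za-z0-9_-]+\.([A-Za-z0-9]+)\z/', $clientName, $m)) {
        return null;
    }
    $ext = strtolower($m[1]);
    if (!array_key_exists($ext, ALLOWED_TYPES)) {
        return null;
    }
    // The content must match the claimed extension, as judged by fileinfo.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($tmpPath);
    if ($mime !== ALLOWED_TYPES[$ext]) {
        return null;
    }
    // Never store under the client's name; keep only the vetted extension.
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

// Constructed sample inputs: a harmless PHP script and a minimal GIF header.
$php = tempnam(sys_get_temp_dir(), 'up');
file_put_contents($php, "<?php echo 'constructed sample'; ?>");
$gif = tempnam(sys_get_temp_dir(), 'up');
file_put_contents($gif, "GIF89a\x01\x00\x01\x00\x00\x00\x00;");

var_dump(safe_upload_name('shell.php', $php));     // executable extension
var_dump(safe_upload_name('shell.php.gif', $php)); // double extension
var_dump(safe_upload_name('shell.gif', $php));     // image extension, script content
var_dump(safe_upload_name('photo.GIF', $gif));     // GIF content, upper-case extension
unlink($php);
unlink($gif);
```

The check only decides what may be stored; the upload directory should also be served without script execution, so a file that slips through is never run.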