Date Author Title
2024-10-15Johannes UllrichAngular-base64-update Demo Script Exploited (CVE-2024-42640)
2022-05-23Johannes UllrichAttacker Scanning for jQuery-File-Upload
2021-07-29Xavier MertensMalicious Content Delivered Through archive.org
2018-11-05Johannes UllrichStruts 2.3 Vulnerable to Two Year old File Upload Flaw
2009-12-28Johannes Ullrich8 Basic Rules to Implement Secure File Uploads http://jbu.me/48 (inspired by IIS ; bug)