Lucene search
China National Vulnerability DatabaseCNVD-2021-81765HistoryOct 12, 2021 - 12:00 a.m.
Projectsend directory traversal vulnerability
2021-10-1200:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
projectsend
directory traversal
vulnerability
web application
validation
input parameter
file sharing
EPSS
0.006
Percentile
78.1%
A directory traversal vulnerability exists in ProjectSend version r1295, a free, customer-facing private file sharing Web application. The vulnerability stems from a lack of validation of the input to the files[] parameter. An attacker could exploit the vulnerability by adding … /upload/files/ folder to all PHP files or any files on the system to which access is granted.
Related
checkpoint_advisories
checkpoint_advisories
Projectsend Directory Traversal (CVE-2021-40887)
2021-11-15 00:00:00
cvelist
cvelist
CVE-2021-40887
2021-10-11 10:12:06
cve
cve
CVE-2021-40887
2021-10-11 11:15:09
osv
osv
CVE-2021-40887
2021-10-11 11:15:09
prion
prion
Directory traversal
2021-10-11 11:15:00
nvd
nvd
CVE-2021-40887
2021-10-11 11:15:09