333 matches found
projectSend r1605 Cross Site Scripting
Exploit Title: projectSend r1605 - Stored XSS Application: projectSend Version: r1605 Bugs: Stored Xss Technology: PHP Vendor URL: https://www.projectsend.org/ Software Link: https://www.projectsend.org/ Date of found: 11-06-2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technical Details & P...
projectSend r1605 CSV Injection
Exploit Title: projectSend r1605 - CSV injection Version: r1605 Bugs: CSV Injection Technology: PHP Vendor URL: https://www.projectsend.org/ Software Link: https://www.projectsend.org/ Date of found: 11-06-2023 Author: Mirabbas Ağalarov Tested on: Windows 2. Technical Details & POC...
projectSend r1605 - Stored XSS
Exploit Title: projectSend r1605 - Stored XSS Application: projectSend Version: r1605 Bugs: Stored Xss Technology: PHP Vendor URL: https://www.projectsend.org/ Software Link: https://www.projectsend.org/ Date of found: 11-06-2023 Author: Mirabbas Ağalarov Tested on: Linux 2. Technical Details & P...
projectSend r1605 Private File Download
Exploit Title: projectSend r1605 - Private file download Application: projectSend Version: r1605 Bugs: IDOR Technology: PHP Vendor URL: https://www.projectsend.org/ Software Link: https://www.projectsend.org/ Date of found: 24-01-2023 Author: Mirabbas Ağalarov Tested on: Linux Technical Details &...
projectSend r1605 - Private file download Vulnerability
Exploit Title: projectSend r1605 - Private file download Application: projectSend Version: r1605 Bugs: IDOR Technology: PHP Vendor URL: https://www.projectsend.org/ Software Link: https://www.projectsend.org/ Date of found: 24-01-2023 Author: Mirabbas Ağalarov Tested on: Linux Technical Details &...
projectSend r1605 - Private file download
Exploit Title: projectSend r1605 - Private file download Application: projectSend Version: r1605 Bugs: IDOR Technology: PHP Vendor URL: https://www.projectsend.org/ Software Link: https://www.projectsend.org/ Date of found: 24-01-2023 Author: Mirabbas Ağalarov Tested on: Linux Technical Details &...
projectSend r1605 - Remote Code Exectution Vulnerability
Exploit Title: projectSend r1605 - Remote Code Exectution RCE Application: projectSend Version: r1605 Bugs: rce via file extension manipulation Technology: PHP Vendor URL: https://www.projectsend.org/ Software Link: https://www.projectsend.org/ Date of found: 26-01-2023 Author: Mirabbas Ağalarov...
projectSend r1605 Remote Code Execution
Exploit Title: projectSend r1605 - Remote Code Exectution RCE Application: projectSend Version: r1605 Bugs: rce via file extension manipulation Technology: PHP Vendor URL: https://www.projectsend.org/ Software Link: https://www.projectsend.org/ Date of found: 26-01-2023 Author: Mirabbas Ağalarov...
projectSend r1605 - Remote Code Exectution RCE
Exploit Title: projectSend r1605 - Remote Code Exectution RCE Application: projectSend Version: r1605 Bugs: rce via file extension manipulation Technology: PHP Vendor URL: https://www.projectsend.org/ Software Link: https://www.projectsend.org/ Date of found: 26-01-2023 Author: Mirabbas Ağalarov...
ProjectSend Cross-Site Scripting Vulnerability (CNVD-2023-07917)
ProjectSend formerly cFTP is a set of self-hosted applications based on PHP and MySQL.A cross-site scripting vulnerability exists in versions prior to ProjectSend r1606, which could be exploited by attackers to execute arbitrary javascript in the administrator account...
CVE-2023-0607
Cross-site Scripting XSS - Stored in GitHub repository projectsend/projectsend prior to r1606...
Cross site scripting
Cross-site Scripting XSS - Stored in GitHub repository projectsend/projectsend prior to r1606...
ProjectSend 跨站脚本漏洞
ProjectSend formerly cFTP is a set of self-hosted applications based on PHP and MySQL.A cross-site scripting vulnerability exists in versions prior to ProjectSend r1606, which could be exploited by attackers to execute arbitrary javascript in the administrator account...
CVE-2023-0607
CVE-2023-0607 is a stored XSS vulnerability in the GitHub-hosted projectsend/projectsend prior to release r1606. Public sources (CNVD/CNNVD/Red Hat and OSV) describe an injection that could let attackers execute arbitrary JavaScript in an administrator account, affecting versions before r1606. Th...
CVE-2023-0607 Cross-site Scripting (XSS) - Stored in projectsend/projectsend
Cross-site Scripting XSS - Stored in GitHub repository projectsend/projectsend prior to r1606...
CVE-2023-0607 Cross-site Scripting (XSS) - Stored in projectsend/projectsend
Cross-site Scripting XSS - Stored in GitHub repository projectsend/projectsend prior to r1606...
PT-2023-16397 · Unknown · Projectsend
Name of the Vulnerable Software and Affected Versions: projectsend/projectsend versions prior to r1606 Description: The issue is related to Cross-site Scripting XSS - Stored, which affects the GitHub repository projectsend/projectsend. This type of attack involves injecting malicious scripts into...
CVE-2017-20101
A vulnerability, which was classified as problematic, was found in ProjectSend r754. This affects an unknown part of the file process.php?do=zipdownload. The manipulation of the argument client/file leads to information disclosure. It is possible to initiate the attack remotely...
CVE-2017-20101
A vulnerability, which was classified as problematic, was found in ProjectSend r754. This affects an unknown part of the file process.php?do=zipdownload. The manipulation of the argument client/file leads to information disclosure. It is possible to initiate the attack remotely...
Information disclosure
A vulnerability, which was classified as problematic, was found in ProjectSend r754. This affects an unknown part of the file process.php?do=zipdownload. The manipulation of the argument client/file leads to information disclosure. It is possible to initiate the attack remotely...