333 matches found

EUVD
added 2026/03/12 6:30 p.m. | 2 views

EUVD-2026-11593

A vulnerability was detected in projectsend up to r1945. This affects the function realpath of the file /import-orphans.php of the component Delete Handler. Performing a manipulation of the argument files results in path traversal. Remote exploitation of the attack is possible. The exploit is now...

CVSS 5.1 | AI score 5.5 | EPSS 0.00121
Exploits 0 | References 5
EUVD
added 2026/03/12 6:30 p.m. | 1 view

EUVD-2026-11619

A flaw has been found in projectsend up to r1945. This impacts an unknown function of the file includes/Classes/Auth.php. Executing a manipulation of the argument ldapemail can lead to observable response discrepancy. The attack can be executed remotely. A high complexity level is associated with...

CVSS 6.3 | AI score 5.2 | EPSS 0.00043
Exploits 0 | References 5
NVD
added 2026/03/12 5:16 p.m. | 0 views

CVE-2026-4045

A flaw has been found in projectsend up to r1945. This impacts an unknown function of the file includes/Classes/Auth.php. Executing a manipulation of the argument ldapemail can lead to observable response discrepancy. The attack can be executed remotely. A high complexity level is associated with...

CVSS 6.3 | EPSS 0.00043
Exploits 0 | References 4
NVD
added 2026/03/12 4:16 p.m. | 1 view

CVE-2026-4044

A vulnerability was detected in projectsend up to r1945. This affects the function realpath of the file /import-orphans.php of the component Delete Handler. Performing a manipulation of the argument files results in path traversal. Remote exploitation of the attack is possible. The exploit is now...

CVSS 5.1 | EPSS 0.00121
Exploits 0 | References 4
Cvelist
added 2026/03/12 4:2 p.m. | 26 views

CVE-2026-4045 projectsend Auth.php response discrepancy

A flaw has been found in projectsend up to r1945. This impacts an unknown function of the file includes/Classes/Auth.php. Executing a manipulation of the argument ldapemail can lead to observable response discrepancy. The attack can be executed remotely. A high complexity level is associated with...

CVSS 6.3 | EPSS 0.00043
Exploits 0 | References 4
CVE
added 2026/03/12 4:2 p.m. | 4 views

CVE-2026-4045

CVE-2026-4045 affects projectsend up to r1945, specifically an issue in includes/Classes/Auth.php where manipulating the ldap_email argument can cause observable response discrepancy. The attack can be executed remotely with high complexity and is reported as a low-severity (CVSS ~3.7) issue, with ex...

CVSS 6.3 | AI score 5.2 | EPSS 0.00043
Exploits 0 | References 4
Vulnrichment
added 2026/03/12 4:2 p.m. | 1 view

CVE-2026-4045 projectsend Auth.php response discrepancy

A flaw has been found in projectsend up to r1945. This impacts an unknown function of the file includes/Classes/Auth.php. Executing a manipulation of the argument ldapemail can lead to observable response discrepancy. The attack can be executed remotely. A high complexity level is associated with...

CVSS 6.3 | AI score 5.2 | EPSS 0.00043
Exploits 0 | References 4
ATTACKERKB
added 2026/03/12 4:2 p.m. | 0 views

CVE-2026-4045

A flaw has been found in projectsend up to r1945. This impacts an unknown function of the file includes/Classes/Auth.php. Executing a manipulation of the argument ldapemail can lead to observable response discrepancy. The attack can be executed remotely. A high complexity level is associated with...

CVSS 6.3 | AI score 5.2 | EPSS 0.00043
Exploits 0 | References 4
Vulnrichment
added 2026/03/12 3:32 p.m. | 0 views

CVE-2026-4044 projectsend Delete import-orphans.php realpath path traversal

A vulnerability was detected in projectsend up to r1945. This affects the function realpath of the file /import-orphans.php of the component Delete Handler. Performing a manipulation of the argument files results in path traversal. Remote exploitation of the attack is possible. The exploit is now...

CVSS 5.1 | AI score 5.5 | EPSS 0.00121
Exploits 0 | References 4
Cvelist
added 2026/03/12 3:32 p.m. | 24 views

CVE-2026-4044 projectsend Delete import-orphans.php realpath path traversal

A vulnerability was detected in projectsend up to r1945. This affects the function realpath of the file /import-orphans.php of the component Delete Handler. Performing a manipulation of the argument files results in path traversal. Remote exploitation of the attack is possible. The exploit is now...

CVSS 5.1 | EPSS 0.00121
Exploits 0 | References 4
CVE
added 2026/03/12 3:32 p.m. | 5 views

CVE-2026-4044

The vulnerability CVE-2026-4044 affects projectsend up to r1945, specifically the realpath function in /import-orphans.php within the Delete Handler. Manipulating the files[] argument enables path traversal, enabling remote exploitation. The exploit is public; vendor was contacted but did not res...

CVSS 5.1 | AI score 5.5 | EPSS 0.00121
Exploits 0 | References 4
NVD
added 2026/03/12 4:16 a.m. | 0 views

CVE-2026-3977

A security vulnerability has been detected in projectsend up to r1945. The affected element is an unknown function of the component AJAX Endpoints. The manipulation leads to missing authorization. The attack can be initiated remotely. The identifier of the patch is...

CVSS 6.5 | EPSS 0.00064
Exploits 0 | References 6
OSV
added 2026/03/12 4:16 a.m. | 2 views

CVE-2026-3977

A security vulnerability has been detected in projectsend up to r1945. The affected element is an unknown function of the component AJAX Endpoints. The manipulation leads to missing authorization. The attack can be initiated remotely. The identifier of the patch is...

CVSS 6.3 | AI score 5.3
Exploits 0 | References 6
Cvelist
added 2026/03/12 3:2 a.m. | 21 views

CVE-2026-3977 projectsend AJAX Endpoints authorization

A security vulnerability has been detected in projectsend up to r1945. The affected element is an unknown function of the component AJAX Endpoints. The manipulation leads to missing authorization. The attack can be initiated remotely. The identifier of the patch is...

CVSS 6.5 | EPSS 0.00064
Exploits 0 | References 6
Vulnrichment
added 2026/03/12 3:2 a.m. | 0 views

CVE-2026-3977 projectsend AJAX Endpoints authorization

A security vulnerability has been detected in projectsend up to r1945. The affected element is an unknown function of the component AJAX Endpoints. The manipulation leads to missing authorization. The attack can be initiated remotely. The identifier of the patch is...

CVSS 6.5 | AI score 5.3 | EPSS 0.00064
Exploits 0 | References 6
Positive Technologies
added 2026/03/12 12:0 a.m. | 1 view

PT-2026-24917

A security vulnerability has been detected in projectsend up to r1945. The affected element is an unknown function of the component AJAX Endpoints. The manipulation leads to missing authorization. The attack can be initiated remotely. The identifier of the patch is...

CVSS 6.5 | AI score 5.3 | EPSS 0.00064
Exploits 0 | References 7
CNNVD
added 2026/03/12 12:0 a.m. | 2 views

ProjectSend path traversal vulnerability

ProjectSend cFTP is an open-source hosted application based on PHP and MySQL by ProjectSend. Versions of ProjectSend cFTP prior to r1945 contained a path traversal vulnerability. This vulnerability stemmed from the incorrect handling of the files parameter in the Delete Handler component, which...

CVSS 5.1 | AI score 5.8 | EPSS 0.00121
Exploits 0 | References 4
CNNVD
added 2026/03/12 12:0 a.m. | 2 views

ProjectSend (cFTP) security vulnerability

ProjectSend cFTP is an open-source hosted application based on PHP and MySQL. Version r1945 and earlier of ProjectSend cFTP have security vulnerabilities. These vulnerabilities stem from incorrect handling of the parameter ldapemail in the file includes/Classes/Auth.php, which may lead to differe...

CVSS 6.3 | AI score 5.8 | EPSS 0.00043
Exploits 0 | References 4
Positive Technologies
added 2026/03/12 12:0 a.m. | 1 view

PT-2026-24962

Name of the Vulnerable Software and Affected Versions: projectsend versions prior to r1945. Description: A flaw exists in projectsend that allows for path traversal. This issue affects the realpath function within the /import-orphans.php file of the Delete Handler component. Manipulating the files...

CVSS 5.1 | AI score 5.8 | EPSS 0.00121
Exploits 0 | References 8
Positive Technologies
added 2026/03/12 12:0 a.m. | 2 views

PT-2026-25004

Name of the Vulnerable Software and Affected Versions: projectsend versions prior to r1946. Description: A flaw exists in projectsend up to revision r1945. This impacts an unknown function within the includes/Classes/Auth.php file. Manipulating the ldap email argument can cause an observable...

CVSS 6.3 | AI score 5.6 | EPSS 0.00043
Exploits 0 | References 8