333 matches found
ProjectSend r754 - Insecure Direct Object Reference
ProjectSend r754 - Insecure Direct Object Reference Document Title: =============== ProjectSend r754 - IDOR & Authentication Bypass Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2031 Release Date: ============= 2017-02-21 Vulnerability...
ProjectSend r754 - IDOR & Authentication Bypass
Document Title: =============== ProjectSend r754 - IDOR & Authentication Bypass References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2031 Release Date: ============= 2017-02-21 Vulnerability Laboratory ID VL-ID: ==================================== 2031 Comm...
ProjectSend r754 - IDOR & Authentication Bypass
Document Title: =============== ProjectSend r754 - IDOR & Authentication Bypass References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2031 Release Date: ============= 2017-02-21 Vulnerability Laboratory ID VL-ID: ==================================== 2031 Comm...
ProjectSend Multiple Vulnerabilities (Apr 2016) - Active Check
ProjectSend is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:projectsend:projectsend";...
ProjectSend Detection (HTTP)
HTTP based detection of ProjectSend. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.807549";...
ProjectSend r582 多个(持久)XSS漏洞
No description provided by source...
ProjectSend r582 - Multiple Cross-Site Scripting Vulnerabilities
Exploit Title: Multiple persistent XSS in ProjectSend Discovery Date: 2016/02/19 Public Disclosure Date: 2016/03/17 Exploit Author: Michael Helwig Contact: https://twitter.com/c0dmtr1x Project Homepage: http://www.projectsend.org/ Software Link: http://www.projectsend.org/download/108/ Version:...
ProjectSend r582 - Multiple Cross-Site Scripting Vulnerabilities
Exploit for php platform in category web applications Exploit Title: Multiple persistent XSS in ProjectSend Discovery Date: 2016/02/19 Public Disclosure Date: 2016/03/17 Exploit Author: Michael Helwig Contact: https://twitter.com/c0dmtr1x Project Homepage: http://www.projectsend.org/ Software Lin...
ProjectSend r582 - Multiple Cross-Site Scripting Vulnerabilities
ProjectSend r582 - Multiple Cross-Site Scripting Vulnerabilities Exploit Title: Multiple persistent XSS in ProjectSend Discovery Date: 2016/02/19 Public Disclosure Date: 2016/03/17 Exploit Author: Michael Helwig Contact: https://twitter.com/c0dmtr1x Project Homepage: http://www.projectsend.org/...
ProjectSend r582 Cross Site Scripting
Exploit Title: Multiple persistent XSS in ProjectSend Discovery Date: 2016/02/19 Public Disclosure Date: 2016/03/17 Exploit Author: Michael Helwig Contact: https://twitter.com/c0dmtr1x Project Homepage: http://www.projectsend.org/ Software Link: http://www.projectsend.org/download/108/ Version:...
ProjectSend r582 - Multiple Vulnerabilities
Advisory ID: SGMA-16001 Title: ProjectSend multiple vulnerabilities Product: ProjectSend previously cFTP Version: r582 and probably prior Vendor: www.projectsend.org Vulnerability type: SQL-injection, Auth bypass, Arbitrary File Access, Insecure Object Reference Risk level: 4 / 5 Credit:...
ProjectSend r582 Bypass / SQL Injection / File Read
Advisory ID: SGMA-16001 Title: ProjectSend multiple vulnerabilities Product: ProjectSend previously cFTP Version: r582 and probably prior Vendor: www.projectsend.org Vulnerability type: SQL-injection, Auth bypass, Arbitrary File Access, Insecure Object Reference Risk level: 4 / 5 Credit:...
ProjectSend r582 - Multiple Vulnerabilities
ProjectSend r582 - Multiple Vulnerabilities Advisory ID: SGMA-16001 Title: ProjectSend multiple vulnerabilities Product: ProjectSend previously cFTP Version: r582 and probably prior Vendor: www.projectsend.org Vulnerability type: SQL-injection, Auth bypass, Arbitrary File Access, Insecure Object...
ProjectSend r582 - Multiple Vulnerabilities
Exploit for php platform in category web applications Title: ProjectSend multiple vulnerabilities Product: ProjectSend previously cFTP Version: r582 and probably prior Vendor: www.projectsend.org Vulnerability type: SQL-injection, Auth bypass, Arbitrary File Access, Insecure Object Reference Risk...
Projectsend r572 Cross Site Scripting
Title: Projectsend r572 - Cross Site Scripting Reflected Disclosed: 5/28/15 Vendor Patched: 6/6/15 Published: 6/10/15 Credit: Matt Landers - [email protected] Original Advisory: www.mjltech.net/adv/MJLTECH%20-%20Projectsend%20R572%20XSS.txt...
ProjectSend Cross-Site Scripting Vulnerability
ProjectSend formerly known as cFTP is a suite of self-hosted applications based on PHP and MySQL. A cross-site scripting vulnerability exists in ProjectSend. An attacker can exploit the vulnerability to execute arbitrary script code in the context of an affected site to steal cookie-based...
ProjectSend Cross-Site Request Forgery Vulnerability
ProjectSend formerly known as cFTP is a suite of self-hosted applications based on PHP and MySQL. A cross-site request forgery vulnerability exists in ProjectSend. An attacker can exploit the vulnerability to perform unauthorized actions within the context of a user session...
ProjectSend Arbitrary File Upload Vulnerability
ProjectSend formerly known as cFTP is a suite of self-hosted applications based on PHP and MySQL. An arbitrary file upload vulnerability exists in ProjectSend. An attacker can exploit the vulnerability to upload arbitrary files to an affected application...
ProjectSend r561 Multiple Vulnerabilities
ProjectSend version r561 suffers from cross site request forgery, cross site scripting, and remote shell upload vulnerabilities. + Author: TUNISIAN CYBER + Title: ProjectSend r561 Multiple Vulnerabilities + Date: 25-04-2015 + Vendor: http://www.projectsend.org/ +...
ProjectSend r561 CSRF / XSS / Shell Upload
Author: TUNISIAN CYBER + Title: ProjectSend Multiple Vulnerabilities + Date: 25-04-2015 + Vendor: http://www.projectsend.org/ + Download:http://www.projectsend.org/download/67/ + Type: WebAPP + Tested on: KaliLinux Debian + Twitter: @TCYB3R It's a long one so let's start... I/ CSRF: Add Admin...