PT-2025-52717

Name of the Vulnerable Software and Affected Versions ProjectSend version r1605 Description ProjectSend r1605 contains a remote code execution issue that allows attackers to upload malicious files by manipulating file extensions. Attackers can upload shell scripts with disguised extensions throug...

ProjectSend 代码问题漏洞

ProjectSend cFTP is the ProjectSend open source suite of self-hosted applications based on PHP and MySQL. A code issue vulnerability exists in ProjectSend version r1605, which stems from a vulnerability that allows an attacker to upload malicious files by manipulating file extensions...

ProjectSend 安全漏洞

ProjectSend cFTP is the ProjectSend open source suite of self-hosted applications based on PHP and MySQL. A security vulnerability exists in ProjectSend r1605 that originates from an unauthenticated attacker who can download private files by manipulating the download ID parameter, which could lea...

ProjectSend 跨站脚本漏洞

ProjectSend cFTP is the ProjectSend open source suite of self-hosted applications based on PHP and MySQL. A cross-site scripting vulnerability exists in ProjectSend version r1605, which stems from improper cleanup of custom asset configuration pages and could lead to a stored cross-site scripting...