3 matches found
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-9580. Reason: This candidate is not authorized for use because it is part of the 2014 CVE-ID ID-Syntax protection block, which protects against accidental truncation of CVE IDs with sequence numbers containing more than 4...
CVE-2014-1155
CVE-2014-1155 is the cross-site scripting (XSS) vulnerability in ProjectSend (formerly cFTP) r561, exploitable by remote attackers injecting arbitrary HTML/Script via the Description field of a file upload. Note: CVE-2014-1155 was historically mis-mapped to CVE-2014-9580; both entries reference t...
CVE-2014-9580
CVE-2014-9580 concerns a Cross-site scripting (XSS) flaw in ProjectSend (formerly cFTP) version r561. The vulnerability enables remote attackers to inject arbitrary web script or HTML via the Description field of a file upload. This is the concrete, described impact: execution of injected scripts...