3 matches found
CVE-2017-9504
CVE-2017-9504 is a reservation duplicate of CVE-2017-9741 and, per linked records, affects ProjectSend r754. The vulnerability is in install/make-config.php, allowing remote attackers to execute arbitrary PHP code via the dbprefix parameter, related to replacing TABLES_PREFIX in the configuration...
CVE-2017-9741
install/make-config.php in ProjectSend r754 allows remote attackers to execute arbitrary PHP code via the dbprefix parameter, related to replacing TABLESPREFIX in the configuration file...
CVE-2017-9741
CVE-2017-9741 affects ProjectSend (r754). The install/make-config.php file is vulnerable to remote PHP code execution via the dbprefix parameter, due to replacing TABLES_PREFIX in the configuration file. This leads to arbitrary code execution on affected installations. Connected records confirm t...