4 matches found
CVE-2021-40887
Projectsend version r1295 is affected by a directory traversal vulnerability. Because of lacking sanitization input for files parameter, an attacker can add ../ to move all PHP files or any file on the system that has permissions to /upload/files/ folder...
Projectsend Directory Traversal (CVE-2021-40887)
A directory traversal vulnerability exists in Projectsend. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...
CVE-2021-40887
Projectsend version r1295 is affected by a directory traversal vulnerability. Because of lacking sanitization input for files parameter, an attacker can add ../ to move all PHP files or any file on the system that has permissions to /upload/files/ folder...
CVE-2021-40887
CVE-2021-40887 affects Projectsend vR1295 and is a directory traversal vulnerability. The issue arises from lack of sanitization for the files[] input parameter, enabling an attacker to append ../ to paths and access arbitrary files within the /upload/files/ directory (or other files the web serv...