4 matches found
Exploit for Improper Authentication in Projectsend
CVE-2024-11680 PoC Exploit This repository contains a Proof of...
Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers
A critical security flaw impacting the ProjectSend open-source file-sharing application has likely come under active exploitation in the wild, according to findings from VulnCheck. The vulnerability, originally patched over a year-and-a-half ago as part of a commit pushed in May 2023, was not...
CVE-2024-11680 ProjectSend Unauthenticated Configuration Modification
ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability. Remote, unauthenticated attackers can exploit this flaw by sending crafted HTTP requests to options.php, enabling unauthorized modification of the application's configuration. Successful exploitation...
CVE-2024-11680
creationtimestamp| type| source ---|---|--- 2024-11-21 17:59:45+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/projectsendunauthrce.rb 2024-11-26 09:58:57+00:00| seen| https://infosec.exchange/users/cve/statuses/113548665618022004 2024-11-27...