5 matches found
EUVD-2023-60242
ProjectSend r1605 contains a remote code execution vulnerability that allows attackers to upload malicious files by manipulating file extensions. Attackers can upload shell scripts with disguised extensions through the upload.process.php endpoint to execute arbitrary commands on the server...
PT-2025-52717
Name of the Vulnerable Software and Affected Versions: ProjectSend version r1605 Description: ProjectSend r1605 contains a remote code execution issue that allows attackers to upload malicious files by manipulating file extensions. Attackers can upload shell scripts with disguised extensions throug...
PT-2024-39038 · Unknown · Job Portal
Name of the Vulnerable Software and Affected Versions: Job Portal (affected versions not specified) Description: A Cross-Site Scripting (XSS) issue exists due to insufficient encryption of user-controlled input. This could allow an attacker to retrieve the session details of an authenticated...
PT-2024-26384
Name of the Vulnerable Software and Affected Versions: Campcodes Online Event Management System version 1.0 Description: A critical issue has been discovered, affecting the /api/process.php file. The manipulation of the userId argument leads to SQL injection, allowing remote attacks. The issue has...
PT-2022-12349 · Reprise · Reprise License Manager
Name of the Vulnerable Software and Affected Versions: Reprise License Manager version 14.2 Description: The issue is a reflected cross-site scripting vulnerability in the "/goform/activate process" API endpoint, specifically in the count parameter, which can be exploited via GET requests. No...