CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2016-1729

Malware in sbrugna...

9.8CVSS9.5AI score0.00292EPSS

Exploits0References2

NVD•added 2018/10/29 12:29 p.m.•10 views

CVE-2016-10732

ProjectSend formerly cFTP r582 allows authentication bypass via a direct request for users.php, home.php, edit-file.php?fileid=1, or process-zip-download.php, or adduserform parameters to users-add.php...

9.8CVSS9.6AI score0.00403EPSS

Exploits0References1

Prion•added 2018/10/29 12:29 p.m.•7 views

Sql injection

ProjectSend formerly cFTP r582 allows SQL injection via manage-files.php with the request parameter status, manage-files.php with the request parameter files, clients.php with the request parameter selectedclients, clients.php with the request parameter status, process-zip-download.php with the...

7.5CVSS8.3AI score0.00292EPSS

Exploits0References1Affected Software1

Prion•added 2018/10/29 12:29 p.m.•9 views

Directory traversal

ProjectSend formerly cFTP r582 allows directory traversal via file=../ in the process-zip-download.php query string...

7.5CVSS7.1AI score0.00415EPSS

Exploits0References1Affected Software1

CVE•added 2018/10/28 3:0 a.m.•38 views

CVE-2016-10731

CVE-2016-10731 affects ProjectSend (formerly cFTP) r582 and enables SQL injection via multiple PHP endpoints: manage-files.php (status, files), clients.php (selected_clients, status), process-zip-download.php (file), or home-log.php (action). Root cause: input parameters are used in SQL queries w...

9.8CVSS9.9AI score0.00292EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by