CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

OSV•added 2026/01/29 12:48 a.m.•3 views

CGA-R754-VX36-9QRF

Bulletin has no description...

7.5CVSS5.8AI score0.00644EPSS

Exploits0

OSV•added 2022/06/27 2:15 p.m.•15 views

CVE-2017-20101

A vulnerability, which was classified as problematic, was found in ProjectSend r754. This affects an unknown part of the file process.php?do=zipdownload. The manipulation of the argument client/file leads to information disclosure. It is possible to initiate the attack remotely...

5.7CVSS6.5AI score

Exploits0References3

CVE•added 2022/06/27 1:25 p.m.•37 views

CVE-2017-20101

CVE-2017-20101 affects ProjectSend r754. A vulnerability in the file/process: process.php?do=zip_download allows manipulation of the argument client/file, leading to information disclosure. The flaw is exploitable remotely. Connected documents confirm the impact as an information disclosure vulne...

5.7CVSS4.5AI score0.00139EPSS

Exploits1References3Affected Software1

CNNVD•added 2022/06/27 12:0 a.m.•1 views

ProjectSend 信息泄露漏洞

ProjectSend formerly known as cFTP is a suite of self-hosted applications based on PHP and MySQL. A security vulnerability exists in ProjectSend version r754, where the source application provides direct access to an object-based application that allows an attacker to bypass authorization and...

5.7CVSS6AI score0.00139EPSS

Exploits1References5

OSV•added 2017/06/18 9:29 p.m.•11 views

CVE-2017-9741

install/make-config.php in ProjectSend r754 allows remote attackers to execute arbitrary PHP code via the dbprefix parameter, related to replacing TABLESPREFIX in the configuration file...

9.8CVSS7.9AI score

Exploits0References1

Cvelist•added 2017/06/18 9:0 p.m.•13 views

CVE-2017-9741

install/make-config.php in ProjectSend r754 allows remote attackers to execute arbitrary PHP code via the dbprefix parameter, related to replacing TABLESPREFIX in the configuration file...

9.8AI score0.00799EPSS

Exploits1References1

CVE•added 2017/06/18 9:0 p.m.•39 views

CVE-2017-9741

CVE-2017-9741 affects ProjectSend (r754). The install/make-config.php file is vulnerable to remote PHP code execution via the dbprefix parameter, due to replacing TABLES_PREFIX in the configuration file. This leads to arbitrary code execution on affected installations. Connected records confirm t...

9.8CVSS9.7AI score0.00799EPSS

Exploits1References1Affected Software1

0day.today•added 2017/02/22 12:0 a.m.•27 views

ProjectSend r754 - Insecure Direct Object Reference Vulnerability

Exploit for php platform in category web applications Document Title: =============== ProjectSend r754 - IDOR & Authentication Bypass Vulnerability Product & Service Introduction: =============================== ProjectSend is a self-hosted application you can install it easily on your own VPS or...

7.1AI score

Exploits0

exploitpack•added 2017/02/21 12:0 a.m.•20 views

ProjectSend r754 - Insecure Direct Object Reference

ProjectSend r754 - Insecure Direct Object Reference Document Title: =============== ProjectSend r754 - IDOR & Authentication Bypass Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2031 Release Date: ============= 2017-02-21 Vulnerability...

7.4AI score

Exploits0

Vulnerability Lab•added 2017/02/21 12:0 a.m.•19 views

ProjectSend r754 - IDOR & Authentication Bypass

Document Title: =============== ProjectSend r754 - IDOR & Authentication Bypass References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2031 Release Date: ============= 2017-02-21 Vulnerability Laboratory ID VL-ID: ==================================== 2031 Comm...

0.3AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by