📦 Projectsend
by Projectsend
🔍 What is Projectsend?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
CVE-2023-53980 is a critical remote code execution vulnerability in ProjectSend r1605 that allows attackers to upload malicious files with disguised extensions. This enables execution of arbitrary com...
CVE-2024-11680 is an authentication bypass vulnerability in ProjectSend file sharing software. Unauthenticated attackers can modify application configuration via crafted HTTP requests to options.php, ...
CVE-2021-40887 is a critical directory traversal vulnerability in ProjectSend file sharing software that allows attackers to upload arbitrary files to any location on the server. This affects all user...
CVE-2023-53930 is an insecure direct object reference vulnerability in ProjectSend r1605 that allows unauthenticated attackers to download private files by manipulating the download ID parameter. Atta...
ProjectSend r1605 contains a CSV injection vulnerability where authenticated users can embed malicious formulas in user profile names. When administrators export action logs as CSV files and open them...
Projectsend r1295 has an authorization bypass vulnerability that allows users with uploader role to download and edit all files in the application. This occurs due to missing authorization checks in t...
CVE-2023-53906 is a stored cross-site scripting vulnerability in projectSend r1605 that allows authenticated administrators to inject malicious JavaScript through the custom assets configuration page....
This vulnerability in ProjectSend allows improper control of resource identifiers in the get_preview function of process.php, potentially enabling unauthorized access to files. It affects ProjectSend ...