Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
projectsend vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2015-2564
SQL injection vulnerability in client-edit.php in ProjectSend (formerly cFTP) r561 allows remote authenticated users to execute arbitrary SQL commands via the id parameter to users-edit.php.
Projectsend Projectsend 561
1 EDB exploit
NA
CVE-2014-1155
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-9580. Reason: This candidate is not authorized for use because it is part of the 2014 CVE-ID ID-Syntax protection block, which protects against accidental truncation of CVE IDs with sequence numbers containin...
1 EDB exploit
4.3
CVSSv2
CVE-2014-9580
Cross-site scripting (XSS) vulnerability in ProjectSend (formerly cFTP) r561 allows remote malicious users to inject arbitrary web script or HTML via the Description field in a file upload. NOTE: this issue was originally incorrectly mapped to CVE-2014-1155; see CVE-2014-1155 for...
Projectsend Projectsend 561
1 EDB exploit
7.5
CVSSv2
CVE-2014-9567
Unrestricted file upload vulnerability in process-upload.php in ProjectSend (formerly cFTP) r100 through r561 allows remote malicious users to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in the upload/fil...
Projectsend Projectsend 156
Projectsend Projectsend 102
Projectsend Projectsend 105
Projectsend Projectsend 375
Projectsend Projectsend 405
Projectsend Projectsend 157
Projectsend Projectsend 561
Projectsend Projectsend 100
Projectsend Projectsend 161
Projectsend Projectsend 180
Projectsend Projectsend 335
Projectsend Projectsend 110
Projectsend Projectsend 155
Projectsend Projectsend 412
Projectsend Projectsend 514
2 EDB exploits
5
CVSSv2
CVE-2011-3713
cFTP r80 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/session_check.php and certain other files.
Powerdrummer Cftp R80
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3