A vulnerability has been found in ProjectSend r1295 (Project Management Software) and classified as critical. Affected by this vulnerability is an unknown code of the file /upload/files/. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
ProjectSend r1295 /upload/files/ files[] path traversal
- Virtual Patching
- October 12, 2021
- 9:05 am
Contact us to get started
CVE-2023-28102 : DISCORDRB ENCODER.RB FILE OS COMMAND INJECTION
Description discordrb is an implementation of the Discord API using Ruby. In discordrb before commit `91e13043ffa` the `encoder.rb` file unsafely
CVE-2022-4126 : ABB RCCMD PRIOR 4.40 230207 HARD-CODED PASSWORD
Description Use of Default Password vulnerability in ABB RCCMD on Windows, Linux, MacOS allows Try Common or Default Usernames and
CVE-2023-25655 : BASERCMS UP TO 4.7.4 UNRESTRICTED UPLOAD
Description baserCMS is a Content Management system. Prior to version 4.7.5, any file may be uploaded on the management system