ProjectSend 漏洞列表

共找到 5 个与 ProjectSend 相关的漏洞

📅 加载漏洞趋势中...

ProjectSend / 权限绕过漏洞（CVE-2024-11680）无POC

日期: 2025-08-22 | 影响软件: ProjectSend

ProjectSend 是一款用于文件共享和管理的开源应用程序。该漏洞存在于 ProjectSend r1605 版本中，由于缺乏适当的授权检查，攻击者可以执行敏感操作，例如启用用户注册和自动验证，或向上传文件的允许扩展名白名单中添加新条目。这最终可能导致攻击者在服务器上执行任意 PHP 代码。
CVE-2024-11680: ProjectSend <= r1605 - Improper Authorization POC

日期: 2025-08-01 | 影响软件: ProjectSend

An improper authorization check was identified within ProjectSend version r1605 that allows an attacker to perform sensitive actions such as enabling user registration and auto validation, or adding new entries in the whitelist of allowed extensions for uploaded files. Ultimately, this allows to execute arbitrary PHP code on the server hosting the application.
CVE-2024-11680: ProjectSend <= r1605 - Improper Authorization POC

日期: 2025-08-01 | 影响软件: ProjectSend

An improper authorization check was identified within ProjectSend version r1605 that allows an attacker to perform sensitive actions such as enabling user registration and auto validation, or adding new entries in the whitelist of allowed extensions for uploaded files. Ultimately, this allows to execute arbitrary PHP code on the server hosting the application.
projectsend-installer: ProjectSend Installation Page - Exposure POC

日期: 2025-08-01 | 影响软件: projectsend-installer

Detects exposed ProjectSend installation page.
ProjectSend process-upload.php 任意文件上传漏洞无POC

日期: 2015-01-08 | 影响软件: ProjectSend

ProjectSend是一套基于PHP和MySQL的自托管应用程序。

ProjectSend / 权限绕过漏洞（CVE-2024-11680） 无POC

CVE-2024-11680: ProjectSend <= r1605 - Improper Authorization POC

CVE-2024-11680: ProjectSend <= r1605 - Improper Authorization POC

projectsend-installer: ProjectSend Installation Page - Exposure POC

ProjectSend process-upload.php 任意文件上传漏洞 无POC

ProjectSend / 权限绕过漏洞（CVE-2024-11680）无POC

ProjectSend process-upload.php 任意文件上传漏洞无POC