A vulnerability, which was classified as problematic, was found in ProjectSend r754. This affects an unknown part of the file process.php?do=zip_download. The manipulation of the argument client/file leads to information disclosure. It is possible to initiate the attack remotely.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2017/Feb/58 | Exploit Mailing List Third Party Advisory |
https://vuldb.com/?id.97275 | Third Party Advisory |
https://youtu.be/Xc6Jg9I7Pj4 | Exploit Third Party Advisory |
http://seclists.org/fulldisclosure/2017/Feb/58 | Exploit Mailing List Third Party Advisory |
https://vuldb.com/?id.97275 | Third Party Advisory |
https://youtu.be/Xc6Jg9I7Pj4 | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 03:22
Type | Values Removed | Values Added |
---|---|---|
References | () http://seclists.org/fulldisclosure/2017/Feb/58 - Exploit, Mailing List, Third Party Advisory | |
References | () https://vuldb.com/?id.97275 - Third Party Advisory | |
References | () https://youtu.be/Xc6Jg9I7Pj4 - Exploit, Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 3.5
v3 : 3.5 |
07 Jul 2022, 02:03
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-639 | |
CPE | cpe:2.3:a:projectsend:projectsend:r754:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : 3.5
v3 : 5.7 |
References | (MISC) https://vuldb.com/?id.97275 - Third Party Advisory | |
References | (MISC) http://seclists.org/fulldisclosure/2017/Feb/58 - Exploit, Mailing List, Third Party Advisory | |
References | (MISC) https://youtu.be/Xc6Jg9I7Pj4 - Exploit, Third Party Advisory |
27 Jun 2022, 14:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-06-27 14:15
Updated : 2024-11-21 03:22
NVD link : CVE-2017-20101
Mitre link : CVE-2017-20101
CVE.ORG link : CVE-2017-20101
JSON object : View
Products Affected
projectsend
- projectsend