cve/CVE-2016-10731.md at 41fbf31e3d6076a9d40c80bb3e1e4187f08a58e2

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-05 18:27:17 +00:00

0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024

2024-05-26 14:27:05 +02:00

Description

ProjectSend (formerly cFTP) r582 allows SQL injection via manage-files.php with the request parameter status, manage-files.php with the request parameter files, clients.php with the request parameter selected_clients, clients.php with the request parameter status, process-zip-download.php with the request parameter file, or home-log.php with the request parameter action.

POC

Reference

No PoCs from references.

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/sandboxescape/ProjectSend-multiple-vulnerabilities

896 B Raw Blame History

CVE-2016-10731

Description

POC

Reference

Github

896 B

Raw Blame History