OR
     *cpe:2.3:a:projectsend:projectsend:*:*:*:*:*:*:*:* versions up to (excluding) r1720

NIST AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

NIST CWE-639

https://github.com/projectsend/projectsend/commit/eb5a04774927e5855b9d0e5870a2aae5a3dc5a08 No Types Assigned

https://github.com/projectsend/projectsend/commit/eb5a04774927e5855b9d0e5870a2aae5a3dc5a08 Patch

https://github.com/projectsend/projectsend/releases/tag/r1720 No Types Assigned

https://github.com/projectsend/projectsend/releases/tag/r1720 Release Notes

https://vuldb.com/?ctiid.274115 No Types Assigned

https://vuldb.com/?ctiid.274115 Permissions Required, VDB Entry

https://vuldb.com/?id.274115 No Types Assigned

https://vuldb.com/?id.274115 Third Party Advisory, VDB Entry

https://vuldb.com/?submit.385000 No Types Assigned

https://vuldb.com/?submit.385000 Third Party Advisory, VDB Entry

VulDB (AV:N/AC:L/Au:N/C:P/I:N/A:N)

VulDB AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

VulDB CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

VulDB CWE-99

A vulnerability, which was classified as problematic, has been found in projectsend up to r1605. This issue affects the function get_preview of the file process.php. The manipulation leads to improper control of resource identifiers. The attack may be initiated remotely. Upgrading to version r1720 is able to address this issue. The patch is named eb5a04774927e5855b9d0e5870a2aae5a3dc5a08. It is recommended to upgrade the affected component.

VulDB https://github.com/projectsend/projectsend/commit/eb5a04774927e5855b9d0e5870a2aae5a3dc5a08 [No types assigned]

VulDB https://github.com/projectsend/projectsend/releases/tag/r1720 [No types assigned]

VulDB https://vuldb.com/?ctiid.274115 [No types assigned]

VulDB https://vuldb.com/?id.274115 [No types assigned]

VulDB https://vuldb.com/?submit.385000 [No types assigned]