CVE-2014-9567
ProjectSend - Arbitrary File Upload
Severity Score
7.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
5
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Unrestricted file upload vulnerability in process-upload.php in ProjectSend (formerly cFTP) r100 through r561 allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in the upload/files/ or upload/temp/ directory.
Vulnerabilidad de la subida de ficheros sin restricciones en process-upload.php en ProjectSend (anteriormente cFTP) r100 hasta r561 permite a atacantes remotos ejecutar código PHP arbitrario mediante la subida de un fichero con una extensión PHP, posteriormente accediendo a ello a través de una solicitud directa al fichero en el directorio upload/files/ or upload/temp/.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2014-12-02 First Exploit
- 2015-01-07 CVE Reserved
- 2015-01-07 CVE Published
- 2023-08-02 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-94: Improper Control of Generation of Code ('Code Injection')
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/show/osvdb/116469 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/99548 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/35660 | 2014-12-31 | |
| https://www.exploit-db.com/exploits/35424 | 2014-12-02 | |
| http://packetstormsecurity.com/files/129759/ProjectSend-Arbitrary-File-Upload.html | 2024-08-06 | |
| http://www.exploit-db.com/exploits/35424 | 2024-08-06 | |
| http://www.exploit-db.com/exploits/35660 | 2024-08-06 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Projectsend Search vendor "Projectsend" | Projectsend Search vendor "Projectsend" for product "Projectsend" | 100 Search vendor "Projectsend" for product "Projectsend" and version "100" | - |
Affected
| ||||||
| Projectsend Search vendor "Projectsend" | Projectsend Search vendor "Projectsend" for product "Projectsend" | 102 Search vendor "Projectsend" for product "Projectsend" and version "102" | - |
Affected
| ||||||
| Projectsend Search vendor "Projectsend" | Projectsend Search vendor "Projectsend" for product "Projectsend" | 105 Search vendor "Projectsend" for product "Projectsend" and version "105" | - |
Affected
| ||||||
| Projectsend Search vendor "Projectsend" | Projectsend Search vendor "Projectsend" for product "Projectsend" | 110 Search vendor "Projectsend" for product "Projectsend" and version "110" | - |
Affected
| ||||||
| Projectsend Search vendor "Projectsend" | Projectsend Search vendor "Projectsend" for product "Projectsend" | 155 Search vendor "Projectsend" for product "Projectsend" and version "155" | - |
Affected
| ||||||
| Projectsend Search vendor "Projectsend" | Projectsend Search vendor "Projectsend" for product "Projectsend" | 156 Search vendor "Projectsend" for product "Projectsend" and version "156" | - |
Affected
| ||||||
| Projectsend Search vendor "Projectsend" | Projectsend Search vendor "Projectsend" for product "Projectsend" | 157 Search vendor "Projectsend" for product "Projectsend" and version "157" | - |
Affected
| ||||||
| Projectsend Search vendor "Projectsend" | Projectsend Search vendor "Projectsend" for product "Projectsend" | 161 Search vendor "Projectsend" for product "Projectsend" and version "161" | - |
Affected
| ||||||
| Projectsend Search vendor "Projectsend" | Projectsend Search vendor "Projectsend" for product "Projectsend" | 180 Search vendor "Projectsend" for product "Projectsend" and version "180" | - |
Affected
| ||||||
| Projectsend Search vendor "Projectsend" | Projectsend Search vendor "Projectsend" for product "Projectsend" | 335 Search vendor "Projectsend" for product "Projectsend" and version "335" | - |
Affected
| ||||||
| Projectsend Search vendor "Projectsend" | Projectsend Search vendor "Projectsend" for product "Projectsend" | 375 Search vendor "Projectsend" for product "Projectsend" and version "375" | - |
Affected
| ||||||
| Projectsend Search vendor "Projectsend" | Projectsend Search vendor "Projectsend" for product "Projectsend" | 405 Search vendor "Projectsend" for product "Projectsend" and version "405" | - |
Affected
| ||||||
| Projectsend Search vendor "Projectsend" | Projectsend Search vendor "Projectsend" for product "Projectsend" | 412 Search vendor "Projectsend" for product "Projectsend" and version "412" | - |
Affected
| ||||||
| Projectsend Search vendor "Projectsend" | Projectsend Search vendor "Projectsend" for product "Projectsend" | 514 Search vendor "Projectsend" for product "Projectsend" and version "514" | - |
Affected
| ||||||
| Projectsend Search vendor "Projectsend" | Projectsend Search vendor "Projectsend" for product "Projectsend" | 561 Search vendor "Projectsend" for product "Projectsend" and version "561" | - |
Affected
| ||||||