CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-10732

ProjectSend (formerly cFTP) r582 allows authentication bypass via a direct request for users.php, home.php, edit-file.php?file_id=1, or process-zip-download.php, or add_user_form_* parameters to users-add.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 35.9%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://github.com/sandboxescape/ProjectSend-multiple-vulnerabilities/
https://github.com/sandboxescape/ProjectSend-multiple-vulnerabilities/

Products affected by CVE-2016-10732

Projectsend » Projectsend » Version: 582

cpe:2.3:a:projectsend:projectsend:582

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-10732

Products

Pricing

Contact Us