fkie_cve-2014-9567
Vulnerability from fkie_nvd
Published
2015-01-07 18:59
Modified
2025-04-12 10:46
Severity ?
Summary
Unrestricted file upload vulnerability in process-upload.php in ProjectSend (formerly cFTP) r100 through r561 allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in the upload/files/ or upload/temp/ directory.
References
cve@mitre.orghttp://osvdb.org/show/osvdb/116469
cve@mitre.orghttp://packetstormsecurity.com/files/129759/ProjectSend-Arbitrary-File-Upload.htmlExploit
cve@mitre.orghttp://www.exploit-db.com/exploits/35424Exploit
cve@mitre.orghttp://www.exploit-db.com/exploits/35660Exploit
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/99548
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/show/osvdb/116469
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/129759/ProjectSend-Arbitrary-File-Upload.htmlExploit
af854a3a-2127-422b-91ae-364da2661108http://www.exploit-db.com/exploits/35424Exploit
af854a3a-2127-422b-91ae-364da2661108http://www.exploit-db.com/exploits/35660Exploit
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/99548
Impacted products
Vendor Product Version
projectsend projectsend 100
projectsend projectsend 102
projectsend projectsend 105
projectsend projectsend 110
projectsend projectsend 155
projectsend projectsend 156
projectsend projectsend 157
projectsend projectsend 161
projectsend projectsend 180
projectsend projectsend 335
projectsend projectsend 375
projectsend projectsend 405
projectsend projectsend 412
projectsend projectsend 514
projectsend projectsend 561


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:projectsend:projectsend:100:*:*:*:*:*:*:*",
              "matchCriteriaId": "F87320C8-4D6F-4CAC-93B9-F8EF3A5C1F42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:projectsend:projectsend:102:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDC822AF-0488-45B8-9EC8-7D94995265C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:projectsend:projectsend:105:*:*:*:*:*:*:*",
              "matchCriteriaId": "11596B07-16C3-4C7C-B684-1BEFA70D4046",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:projectsend:projectsend:110:*:*:*:*:*:*:*",
              "matchCriteriaId": "92687D64-8F2D-4940-B168-8EA326B76148",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:projectsend:projectsend:155:*:*:*:*:*:*:*",
              "matchCriteriaId": "252EB0CF-8902-4201-AC53-8DAA3793D992",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:projectsend:projectsend:156:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A8AD5FE-5CA4-4052-8F6C-64EED6C2A16D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:projectsend:projectsend:157:*:*:*:*:*:*:*",
              "matchCriteriaId": "04C57170-CA83-46BB-9880-3A7CAB599231",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:projectsend:projectsend:161:*:*:*:*:*:*:*",
              "matchCriteriaId": "2EA81EA7-926C-418A-9252-427A3A75A466",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:projectsend:projectsend:180:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DD6D280-FC7E-4957-B35E-8A214A5D64F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:projectsend:projectsend:335:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AB729AB-5923-4AC7-91A2-8E4B9698C711",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:projectsend:projectsend:375:*:*:*:*:*:*:*",
              "matchCriteriaId": "19859A6F-8F10-4F4B-8B72-B2F1CACBAD67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:projectsend:projectsend:405:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC4FDC81-29F7-4ADE-8F47-A4BB72E39F7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:projectsend:projectsend:412:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4293D9E-66F0-431B-91A1-005840A7086A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:projectsend:projectsend:514:*:*:*:*:*:*:*",
              "matchCriteriaId": "D47FC52F-F30D-43EC-9256-B75CEAF6E3AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:projectsend:projectsend:561:*:*:*:*:*:*:*",
              "matchCriteriaId": "7993379B-E309-4B51-8E06-01AB807D2ACC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unrestricted file upload vulnerability in process-upload.php in ProjectSend (formerly cFTP) r100 through r561 allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in the upload/files/ or upload/temp/ directory."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de la subida de ficheros sin restricciones en process-upload.php en ProjectSend (anteriormente cFTP) r100 hasta r561 permite a atacantes remotos ejecutar c\u00f3digo PHP arbitrario mediante la subida de un fichero con una extensi\u00f3n PHP, posteriormente accediendo a ello a trav\u00e9s de una solicitud directa al fichero en el directorio upload/files/ or upload/temp/."
    }
  ],
  "id": "CVE-2014-9567",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-01-07T18:59:02.730",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/show/osvdb/116469"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://packetstormsecurity.com/files/129759/ProjectSend-Arbitrary-File-Upload.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.exploit-db.com/exploits/35424"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.exploit-db.com/exploits/35660"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99548"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/show/osvdb/116469"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://packetstormsecurity.com/files/129759/ProjectSend-Arbitrary-File-Upload.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.exploit-db.com/exploits/35424"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.exploit-db.com/exploits/35660"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99548"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.