| Title | ProjectSend ProjectSend file sharing web application r1605 Authentication Bypass Issues |
|---|---|
| Description | ProjectSend file sharing web application is generating the reset password token using the rand PHP function, which is predictable. This leads to unauthenticated Account Take Over for any user, including the administrator account. |
| Source | https://github.com/projectsend/projectsend/commit/aa27eb97edc2ff2b203f97e6675d7b5ba0a22a17 |
| User | Casp3r0x0 (UID 64832) |
| Submission | 02/08/2024 12:47 PM (2 years ago) |
| Moderation | 10/08/2024 10:00 AM (8 days later) |
| Status | Accepted |
| VulDB Entry | 274116 [projectsend up to r1605 Password Reset Token includes/functions.php generate_random_string weak encryption] |
| Points | 16 |