| 제목 | ProjectSend ProjectSend file sharing web application r1605 Authentication Bypass Issues |
|---|
| 설명 | ProjectSend file sharing web application is generating the reset password token using rand PHP function which is predictable, this leads to unauthenticated Account Take Over for any user including administrator account. |
|---|
| 원천 | ⚠️ https://github.com/projectsend/projectsend/commit/aa27eb97edc2ff2b203f97e6675d7b5ba0a22a17 |
|---|
| 사용자 | Casp3r0x0 (UID 64832) |
|---|
| 제출 | 2024. 08. 02. PM 12:47 (2 연령 ago) |
|---|
| 모더레이션 | 2024. 08. 10. AM 10:00 (8 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 274116 [projectsend 까지 r1605 Password Reset Token includes/functions.php generate_random_string 약한 암호화] |
|---|
| 포인트들 | 16 |
|---|