Skip to main content
CVE-2014-9567 HIGH POC THREAT Act Now

Unrestricted file upload vulnerability in process-upload.php in ProjectSend (formerly cFTP) r100 through r561 allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 82.9%.

RCE PHP Code Injection File Upload Projectsend
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
82.9%
Threat
5.5
CVE-2015-0361 HIGH PATCH This Week

Use-after-free vulnerability in Xen 4.2.x, 4.3.x, and 4.4.x allows remote domains to cause a denial of service (system crash) via a crafted hypercall during HVM guest teardown. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Xen Opensuse
NVD
CVSS 2.0
7.8
EPSS
1.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy