ProjetSend version r582 suffers from authentication bypass, remote SQL injection, insecure direct object reference, and directory traversal / arbitrary file read vulnerabilities.

---

Filed under: exploit - @ January 30, 2016 4:53 am