Description
A vulnerability, which was classified as problematic, was found in ProjectSend r754. This affects an unknown part of the file process.php?do=zip_download. The manipulation of the argument client/file leads to information disclosure. It is possible to initiate the attack remotely.
Remediation
References
Related Vulnerabilities
Drupal Core 9.0.x Cross-Site Scripting (9.0.0 - 9.0.13)
Plone CMS Resource Management Errors Vulnerability (CVE-2013-4188)
WordPress Plugin Form Vibes-Database Manager for Forms Unspecified Vulnerability (1.4.2)
Ruby on Rails Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-8166)
Oracle Database Server CVE-2015-4794 Vulnerability (CVE-2015-4794)