Browse all 6 CVE security advisories affecting projectsend. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Paused |
|---|---|---|---|---|
| CVE-2023-53980 | ProjectSend r1605 Remote Code Execution via File Extension Manipulation — projectSendCWE-434 | 9.8 | Critical | 2025-12-22 |
| CVE-2023-53930 | ProjectSend r1605 Insecure Direct Object Reference File Download Vulnerability — projectSendCWE-639 | 7.5 | High | 2025-12-17 |
| CVE-2023-53905 | ProjectSend r1605 CSV Injection via User Account Export Functionality — projectSendCWE-1236 | 8.0 | High | 2025-12-17 |
| CVE-2023-53906 | ProjectSend r1605 Stored Cross-Site Scripting via Custom Assets Page — projectSendCWE-79 | 4.8 | Medium | 2025-12-17 |
| CVE-2024-11680 | ProjectSend Unauthenticated Configuration Modification — ProjectSendCWE-306 | 9.8 | Critical | 2024-11-26 |
| CVE-2023-0607 | Cross-site Scripting (XSS) - Stored in projectsend/projectsend — projectsend/projectsendCWE-79 | 5.4 | - | 2023-02-01 |
This page lists every published CVE security advisory associated with projectsend. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.