Loading
Generated remediation guidance and an executive summary. No account required.
SQL injection vulnerability in client-edit.php in ProjectSend (formerly cFTP) r561 allows remote authenticated users to execute arbitrary SQL commands via the id parameter to users-edit.php.
Use CWE-89, Projectsend vendor hub and Projectsend product page to widen CVE-2015-2564 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2024-11680, CVE-2021-40887 and CVE-2023-53980 for nearby disclosures in the same product family.