SunshineOtaku/Report-CVE

Releases0

Used to report vulnerabilities to the CVE official

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-45855 ↗	Oct 14, 2023Saturday, 14 October 2023, 05:15	7.5 HIGH	—
qdPM 9.2 allows Directory Traversal to list files and directories by navigating to the /uploads URI.
CVE-2023-45856 ↗	Oct 14, 2023Saturday, 14 October 2023, 05:15	9.8 CRITICAL	—
qdPM 9.2 allows remote code execution by using the Add Attachments feature of Edit Project to upload a .php file to the /uploads URI.