CVE-2017-20101 Information

Description

A vulnerability which was classified as problematic was found in ProjectSend r754. This affects an unknown part of the file process.php?do=zip_download. The manipulation of the argument client/file leads to information disclosure. It is possible to initiate the attack remotely.

Reference

http://seclists.org/fulldisclosure/2017/Feb/58 https://youtu.be/Xc6Jg9I7Pj4 https://vuldb.com/?id.97275