From d75ed350db89e18efd1dad1ea684fceae754239d Mon Sep 17 00:00:00 2001
From: jenkins-metasploit
Date: Thu, 21 Nov 2024 17:59:45 +0000
Subject: [PATCH] automatic module_metadata_base.json update
---
db/modules_metadata_base.json | 62 +++++++++++++++++++++++++++++++++++
1 file changed, 62 insertions(+)
diff --git a/db/modules_metadata_base.json b/db/modules_metadata_base.json
index 494c9651ac0c..b6e39a03b25e 100644
--- a/db/modules_metadata_base.json
+++ b/db/modules_metadata_base.json
@@ -80774,6 +80774,68 @@ "session_types": false, "needs_cleanup": null }, + "exploit_linux/http/projectsend_unauth_rce": { + "name": "ProjectSend r1295 - r1605 Unauthenticated Remote Code Execution", + "fullname": "exploit/linux/http/projectsend_unauth_rce", + "aliases": [ + + ], + "rank": 600, + "disclosure_date": "2024-07-19", + "type": "exploit", + "author": [ + "Florent Sicchio", + "Hugo Clout", + "ostrichgolf" + ], + "description": "This module exploits an improper authorization vulnerability in ProjectSend versions r1295 through r1605.\n The vulnerability allows an unauthenticated attacker to obtain remote code execution by enabling user registration,\n disabling the whitelist of allowed file extensions, and uploading a malicious PHP file to the server.", + "references": [ + "URL-https://github.com/projectsend/projectsend/commit/193367d937b1a59ed5b68dd4e60bd53317473744", + "URL-https://www.synacktiv.com/sites/default/files/2024-07/synacktiv-projectsend-multiple-vulnerabilities.pdf" + ], + "platform": "", + "arch": "", + "rport": 80, + "autofilter_ports": [ + 80, + 8080, + 443, + 8000, + 8888, + 8880, + 8008, + 3000, + 8443 + ], + "autofilter_services": [ + "http", + "https" + ], + "targets": [ + "PHP Command" + ], + "mod_time": "2024-08-30 20:22:52 +0000", + "path": "/modules/exploits/linux/http/projectsend_unauth_rce.rb", + "is_install_path": true, + "ref_name": "linux/http/projectsend_unauth_rce", + "check": true, + "post_auth": false, + "default_credential": false, + "notes": { + "Stability": [ + "crash-safe" + ], + "Reliability": [ + "repeatable-session" + ], + "SideEffects": [ + "artifacts-on-disk", + "ioc-in-logs" + ] + }, + "session_types": false, + "needs_cleanup": null + }, "exploit_linux/http/pulse_secure_cmd_exec": { "name": "Pulse Secure VPN Arbitrary Command Execution", "fullname": "exploit/linux/http/pulse_secure_cmd_exec",