qdPM Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2023-45856)
Description
qdPM 9.2 allows remote code execution by using the Add Attachments feature of Edit Project to upload a .php file to the /uploads URI.
Looking for the vulnerability index of Invicti's legacy products?