Full title: ProjectSend Arbitrary File Upload Exploit 
Category: remote exploits
Platform: php
This Metasploit module exploits a file upload vulnerability in ProjectSend revisions 100 to 561. The 'process-upload.php' file allows unauthenticated users to upload PHP files resulting in remote code execution as the web server user.

# 0day.today @ http://0day.today/