CVE-2026-4045
Received Received - Intake
LDAP Injection in ProjectSend Auth.php Allows Remote Attack

Publication date: 2026-03-12

Last updated on: 2026-04-29

Assigner: VulDB

Description
A flaw has been found in projectsend up to r1945. This impacts an unknown function of the file includes/Classes/Auth.php. Executing a manipulation of the argument ldap_email can lead to observable response discrepancy. The attack can be executed remotely. A high complexity level is associated with this attack. The exploitability is said to be difficult. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-12
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2026-03-12
EPSS Evaluated
2026-06-14
NVD
CVE-2026-4045
EUVD
EUVD-2026-11619
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
projectsend projectsend to r1945 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-203 The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.
CWE-204 The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-4045 is a vulnerability in the ProjectSend application up to revision r1945, specifically in the handling of the ldap_email parameter within the Auth.php file.

The vulnerability occurs because the ldap_email parameter is not properly sanitized before being used in an LDAP search filter. This allows an attacker to manipulate the LDAP query by appending wildcard characters.

As a result, the server responds differently depending on whether the queried email exists in the LDAP directory, creating a response discrepancy that can be observed remotely.

This discrepancy enables an attacker to perform email enumeration attacks without needing an account, potentially revealing confidential information.

The attack is considered difficult to execute due to its high complexity, but a public proof-of-concept exploit is available.

Impact Analysis

This vulnerability impacts the confidentiality of information by allowing an attacker to enumerate email addresses in the LDAP directory through observable response discrepancies.

An attacker can remotely exploit this flaw without authentication, potentially gaining unauthorized knowledge about valid email accounts.

While the vulnerability does not affect integrity or availability, the exposure of sensitive information can lead to further targeted attacks or privacy violations.

Compliance Impact

I don't know

Detection Guidance

This vulnerability can be detected by identifying the presence of the vulnerable ProjectSend application up to revision r1945, specifically by checking for the file includes/Classes/Auth.php.

One suggested method is to use Google Hacking techniques to search for URLs containing inurl:includes/Classes/Auth.php to find potentially vulnerable targets.

Since the vulnerability involves manipulation of the ldap_email parameter leading to response discrepancies, network detection could involve monitoring for unusual LDAP query patterns or error message discrepancies related to ldap_email parameters.

No specific commands are provided in the available resources.

Mitigation Strategies

No known countermeasures or mitigations have been published for this vulnerability.

It is suggested to replace the affected component or the ProjectSend application version up to r1945 with an alternative product or a fixed version if available.

Since the vendor did not respond to the disclosure, and the exploit is publicly available, immediate mitigation may require restricting access to the vulnerable application or implementing network-level protections to limit exposure.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-4045. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart