5 matches found
CVE-2017-9080
creationtimestamp| type| source ---|---|--- 2018-05-08 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/44599 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/playsmsfilenameexec.rb 2025-02-06 03:13:43+00:00| see...
CVE-2017-9080
PlaySMS 1.4 allows remote code execution because PHP code in the name of an uploaded .php file is executed. sendfromfile.php has a combination of Unrestricted File Upload and Code Injection...
CVE-2017-9080
PlaySMS 1.4 allows remote code execution because PHP code in the name of an uploaded .php file is executed. sendfromfile.php has a combination of Unrestricted File Upload and Code Injection...
CVE-2017-9080
CVE-2017-9080 affects PlaySMS 1.4, where the file upload mechanism in the PHP file sendfromfile.php can be abused to achieve remote code execution. The vulnerability combines an Unrestricted File Upload with Code Injection via the name of an uploaded PHP file, allowing authenticated users to uplo...
CVE-2017-9080
PlaySMS 1.4 allows remote code execution because PHP code in the name of an uploaded .php file is executed. sendfromfile.php has a combination of Unrestricted File Upload and Code Injection...