Lucene search
K

6 matches found

Nuclei
Nuclei
added yesterday65 views

playSMS <1.4.3 - Remote Code Execution

PlaySMS before version 1.4.3 is susceptible to remote code execution because it double processes a server-side template. id: CVE-2020-8644 info: name: playSMS 1.4.3 - Remote Code Execution author: dbrwsky severity: critical description: PlaySMS before version 1.4.3 is susceptible to remote code...

9.8CVSS7.4AI score0.86689EPSS
Exploits6References5
Tenable Nessus
Tenable Nessus
added 2023/01/04 12:0 a.m.142 views

PlaySMS < 1.4.3 RCE (CVE-2020-8644)

Binary data playsmscve-2020-8644.nbin...

9.8CVSS9.5AI score0.86689EPSS
Exploits6References3
Check Point Advisories
Check Point Advisories
added 2021/11/16 12:0 a.m.28 views

PlaySMS index.php Remote Code Execution (CVE-2020-8644)

A remote code execution vulnerability exists in PlaySMS. Successful exploitation could allow a remote attacker to execute arbitrary code on the affected system...

7.5CVSS9.5AI score0.86689EPSS
Exploits6
Exploit DB
Exploit DB
added 2020/04/16 12:0 a.m.171 views

PlaySMS - index.php Unauthenticated Template Injection Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'PlaySMS index.php Unauthenticated Template Injection Code Execution', 'Description' = %q This module exploits a preauth Server-Side Template...

9.8CVSS9.6AI score0.86689EPSS
Exploits6
Circl
Circl
added 2020/04/03 2:31 p.m.21 views

CVE-2020-8644

creationtimestamp| type| source ---|---|--- 2020-04-03 14:31:14+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/playsmstemplateinjection.rb 2020-04-16 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/48335 2021-11-08 08:58:19+00:00...

9.8CVSS7.3AI score0.86689EPSS
Exploits6References7
CVE
CVE
added 2020/02/05 9:3 p.m.1106 views

CVE-2020-8644

CVE-2020-8644 affects PlaySMS pre-1.4.3, where a server-side template injection leads to remote code execution. The root cause is double processing of a server-side template (TPL) in the PlaySMS template engine, enabling arbitrary code execution via unauthenticated input. Affected version: before...

9.8CVSS9.2AI score0.86689EPSS
In wildExploits6References5Affected Software1
Rows per page
Query Builder