Lucene search
+L

176 matches found

OSV
OSV
added 2020/06/24 1:15 p.m.9 views

CVE-2020-15018

playSMS through 1.4.3 is vulnerable to session fixation...

6.5CVSS6.8AI score
Exploits0References1
Prion
Prion
added 2020/06/24 1:15 p.m.11 views

Session fixation

playSMS through 1.4.3 is vulnerable to session fixation...

6.4CVSS6.5AI score0.00896EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2020/06/24 1:15 p.m.11 views

CVE-2020-15018

playSMS through 1.4.3 is vulnerable to session fixation...

6.5CVSS6.4AI score0.00896EPSS
Exploits1References2
CVE
CVE
added 2020/06/24 12:37 p.m.37 views

CVE-2020-15018

CVE-2020-15018 affects playSMS up to version 1.4.3 and is described as vulnerable to session fixation. Connected sources indicate an attacker could leverage this issue to establish or hijack a user session and take control of a user’s account, implying impact to authentication/session integrity. ...

6.5CVSS6.4AI score0.00896EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/06/24 12:37 p.m.15 views

CVE-2020-15018

playSMS through 1.4.3 is vulnerable to session fixation...

6.5AI score0.00896EPSS
Exploits1References1
Exploit DB
Exploit DB
added 2020/04/16 12:0 a.m.173 views

PlaySMS - index.php Unauthenticated Template Injection Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'PlaySMS index.php Unauthenticated Template Injection Code Execution', 'Description' = %q This module exploits a preauth Server-Side Template...

9.8CVSS9.6AI score0.86689EPSS
Exploits6
Packet Storm
Packet Storm
added 2020/04/06 12:0 a.m.224 views

PlaySMS index.php Unauthenticated Template Injection Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'PlaySMS index.php Unauthenticated Template Injection Code Execution', 'Description' = %q This module exploits a preauth Server-Side Template...

7.5CVSS0.3AI score0.86689EPSS
Exploits6
0day.today
0day.today
added 2020/04/06 12:0 a.m.72 views

PlaySMS Unauthenticated Template Injection Code Execution Exploit

This Metasploit module exploits a preauth Server-Side Template Injection vulnerability that leads to remote code execution in PlaySMS before version 1.4.3. This issue is caused by double processing a server-side template with a custom PHP template system called TPL which is used in the PlaySMS...

9.8CVSS0.4AI score0.86689EPSS
Exploits6
Metasploit
Metasploit
added 2020/04/03 2:21 p.m.68 views

PlaySMS index.php Unauthenticated Template Injection Code Execution

This module exploits a preauth Server-Side Template Injection vulnerability that leads to remote code execution in PlaySMS before version 1.4.3. This issue is caused by double processing a server-side template with a custom PHP template system called 'TPL' which is used in the PlaySMS template...

9.8CVSS10AI score0.86689EPSS
Exploits6
Exploit DB
Exploit DB
added 2020/03/11 12:0 a.m.223 views

PlaySMS 1.4.3 - Template Injection / Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'PlaySMS 1.4.3 Pre Auth Template Injection Remote Code Execution', 'Description' = %q This module exploits a Preauth Server-Side Template Injectio...

9.8CVSS9.8AI score0.86689EPSS
Exploits6
CNVD
CNVD
added 2020/02/11 12:0 a.m.19 views

Unspecified Vulnerability in PlaySMS

PlaySMS is a web-based SMS platform. The platform supports connectivity to SMS gateways, personal messaging systems, and corporate group communication tools. A security vulnerability exists in PlaySMS. The vulnerability stems from a web-based system or product that does not properly validate...

9.8CVSS6.9AI score0.86689EPSS
Exploits6References1
NVD
NVD
added 2020/02/05 10:15 p.m.14 views

CVE-2020-8644

PlaySMS before 1.4.3 does not sanitize inputs from a malicious string...

9.8CVSS9.5AI score0.86689EPSS
Exploits6References5
OSV
OSV
added 2020/02/05 10:15 p.m.17 views

CVE-2020-8644

PlaySMS before 1.4.3 does not sanitize inputs from a malicious string...

9.8CVSS6.7AI score0.86689EPSS
Exploits6References5
Prion
Prion
added 2020/02/05 10:15 p.m.16 views

Design/Logic Flaw

PlaySMS before 1.4.3 does not sanitize inputs from a malicious string...

7.5CVSS9.3AI score0.86689EPSS
Exploits6References4Affected Software1
CVE
CVE
added 2020/02/05 9:3 p.m.1109 views

CVE-2020-8644

CVE-2020-8644 affects PlaySMS pre-1.4.3, where a server-side template injection leads to remote code execution. The root cause is double processing of a server-side template (TPL) in the PlaySMS template engine, enabling arbitrary code execution via unauthenticated input. Affected version: before...

9.8CVSS9.2AI score0.86689EPSS
In wildExploits6References5Affected Software1
Vulnrichment
Vulnrichment
added 2020/02/05 9:3 p.m.7 views

CVE-2020-8644

PlaySMS before 1.4.3 does not sanitize inputs from a malicious string...

9.5AI score0.86689EPSS
Exploits6References4
Cvelist
Cvelist
added 2020/02/05 9:3 p.m.34 views

CVE-2020-8644

PlaySMS before 1.4.3 does not sanitize inputs from a malicious string...

9.4AI score0.86689EPSS
Exploits6References4
ATTACKERKB
ATTACKERKB
added 2020/02/05 12:0 a.m.34 views

CVE-2020-8644

PlaySMS before 1.4.3 does not sanitize inputs from a malicious string. Recent assessments: touhidshaikh at March 12, 2020 4:40pm UTC reported: Description This module exploits a Preauth Server-Side Template Injection leads remote code execution vulnerability in PlaySMS Before Version 1.4.3. This...

9.8CVSS9.8AI score0.86689EPSS
In wildExploits6References7
CNVD
CNVD
added 2018/10/30 12:0 a.m.4 views

playSMS Elevation of Privilege Vulnerability

PlaySMS is a web-based SMS platform. The platform supports connectivity to SMS gateways, personal messaging systems, and corporate group communication tools. A power-up vulnerability exists in PlaySMS 1.4.2 and earlier versions. No detailed vulnerability details are provided at this time...

9CVSS8.7AI score0.01795EPSS
Exploits0References1
OSV
OSV
added 2018/10/29 6:29 p.m.18 views

CVE-2018-18387

playSMS through 1.4.2 allows Privilege Escalation through Daemon abuse...

8.8CVSS6.9AI score0.01795EPSS
Exploits0References1
Rows per page
Query Builder