CVE-2017-9080

PlaySMS 1.4 allows remote code execution because PHP code in the name of an uploaded .php file is executed. sendfromfile.php has a combination of Unrestricted File Upload and Code Injection...

PlaySms Remote Code Execution Vulnerability (CNVD-2017-10383)

PlaySMS is an open source WEB SMS platform. A remote code execution vulnerability exists in PlaySms. The vulnerability stems from poor filtering on the "sendfromfile.php" page, resulting in the construction of malformed filenames to bypass authentication, which can be exploited by an attacker to...

PlaySms 1.4 - Remote Code Execution Vulnerability

Exploit for php platform in category web applications Exploit Title: PlaySMS 1.4 Code Execution using $filename and Unrestricted File Upload in sendfromfile.php Date: 14-05-2017 Software Link: https://playsms.org/download/ Version: 1.4 Exploit Author: Touhid M.Shaikh Contact:...

PlaySMS 1.4 - sendfromfile.php Remote Code Execution Unrestricted File Upload

PlaySMS 1.4 - sendfromfile.php Remote Code Execution Unrestricted File Upload Exploit Title: PlaySMS 1.4 Code Execution using $filename and Unrestricted File Upload in sendfromfile.php Date: 14-05-2017 Software Link: https://playsms.org/download/ Version: 1.4 Exploit Author: Touhid M.Shaikh...

PlaySMS 1.4 - '/sendfromfile.php' Remote Code Execution / Unrestricted File Upload

Exploit Title: PlaySMS 1.4 Code Execution using $filename and Unrestricted File Upload in sendfromfile.php Date: 14-05-2017 Software Link: https://playsms.org/download/ Version: 1.4 Exploit Author: Touhid M.Shaikh Contact: http://twitter.com/touhidshaikh22 Website: http://touhidshaikh.com/...