CVE-2009-0103
- EPSS 4.52%
- Veröffentlicht 09.01.2009 18:30:03
- Zuletzt bearbeitet 09.04.2025 00:30:58
Multiple PHP remote file inclusion vulnerabilities in playSMS 0.9.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) apps_path[plug] parameter to plugin/gateway/gnokii/init.php, the (2) apps_path[themes] parameter to plugin/t...
CVE-2008-5881
- EPSS 6.22%
- Veröffentlicht 09.01.2009 18:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Multiple directory traversal vulnerabilities in playSMS 0.9.3 allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) gateway_module parameter to plugin/gateway/gnokii/init.php and the (2) them...
CVE-2005-4432
- EPSS 7.75%
- Veröffentlicht 21.12.2005 00:03:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Cross-site scripting (XSS) vulnerability in index.php in PlaySMS 0.8 allows remote attackers to inject arbitrary web script or HTML via the err parameter.
CVE-2004-2263
- EPSS 1.45%
- Veröffentlicht 31.12.2004 05:00:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
SQL injection vulnerability in the valid function in fr_left.php in PlaySMS 0.7 and earlier allows remote attackers to modify SQL statements via the vc2 cookie.