CVE-2009-0103
09.01.2009, 18:30
Multiple PHP remote file inclusion vulnerabilities in playSMS 0.9.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) apps_path[plug] parameter to plugin/gateway/gnokii/init.php, the (2) apps_path[themes] parameter to plugin/themes/default/init.php, and the (3) apps_path[libs] parameter to lib/function.php.
Vendor | Product | Version |
---|---|---|
playsms | playsms | 0.9.3 |
𝑥
= Vulnerable software versions
References