mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-30 18:56:19 +00:00
932 B
932 B
CVE-2009-0103
Description
Multiple PHP remote file inclusion vulnerabilities in playSMS 0.9.3 allow remote attackers to execute arbitrary PHP code via a URL in the (1) apps_path[plug] parameter to plugin/gateway/gnokii/init.php, the (2) apps_path[themes] parameter to plugin/themes/default/init.php, and the (3) apps_path[libs] parameter to lib/function.php.
POC
Reference
- http://securityreason.com/securityalert/4888
- http://securityreason.com/securityalert/4888
- https://www.exploit-db.com/exploits/7687
- https://www.exploit-db.com/exploits/7687
Github
No PoCs found on GitHub currently.