OR
     *cpe:2.3:a:playsms:playsms:1.4.4:*:*:*:*:*:*:*
     *cpe:2.3:a:playsms:playsms:1.4.5:*:*:*:*:*:*:*
     *cpe:2.3:a:playsms:playsms:1.4.6:*:*:*:*:*:*:*
     *cpe:2.3:a:playsms:playsms:1.4.7:*:*:*:*:*:*:*

NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

https://vuldb.com/?ctiid.277524 No Types Assigned

https://vuldb.com/?ctiid.277524 Permissions Required

https://vuldb.com/?id.277524 No Types Assigned

https://vuldb.com/?id.277524 Third Party Advisory

https://vuldb.com/?submit.406095 No Types Assigned

https://vuldb.com/?submit.406095 Exploit, Third Party Advisory

VulDB (AV:N/AC:H/Au:N/C:P/I:P/A:P)

VulDB AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

VulDB CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

VulDB CWE-94

A vulnerability classified as critical has been found in playSMS 1.4.4/1.4.5/1.4.6/1.4.7. Affected is an unknown function of the file /playsms/index.php?app=main&inc=core_auth&route=forgot&op=forgot of the component Template Handler. The manipulation of the argument username/email/captcha leads to code injection. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and ma

VulDB https://vuldb.com/?ctiid.277524 [No types assigned]

VulDB https://vuldb.com/?id.277524 [No types assigned]

VulDB https://vuldb.com/?submit.406095 [No types assigned]