PlaySMS 1.4 allows remote code execution because PHP code in the name of an uploaded .php file is executed. sendfromfile.php has a combination of Unrestricted File Upload and Code Injection.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
playsms playsms 1.4 |