Vulnerabilities > Playsms > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-06-22 CVE-2024-6251 Cross-site Scripting vulnerability in Playsms 1.4.3
A vulnerability, which was classified as problematic, was found in playSMS 1.4.3.
network
low complexity
playsms CWE-79
6.1
6.1
2020-06-24 CVE-2020-15018 Session Fixation vulnerability in Playsms
playSMS through 1.4.3 is vulnerable to session fixation.
network
low complexity
playsms CWE-384
6.4
6.4
2017-05-19 CVE-2017-9080 Unrestricted Upload of File with Dangerous Type vulnerability in Playsms 1.4
PlaySMS 1.4 allows remote code execution because PHP code in the name of an uploaded .php file is executed.
network
low complexity
playsms CWE-434
6.5
6.5
2005-12-21 CVE-2005-4432 Cross-Site Scripting vulnerability in Playsms 0.8
Cross-site scripting (XSS) vulnerability in index.php in PlaySMS 0.8 allows remote attackers to inject arbitrary web script or HTML via the err parameter.
network
playsms
4.3
4.3