DarkS3curity

CVE-2017-9080 METASPLOIT HIGH ruby WORKING POC

PlaySMS 1.4 - RCE

PlaySMS 1.4 allows remote code execution because PHP code in the name of an uploaded .php file is executed. sendfromfile.php has a combination of Unrestricted File Upload and Code Injection.

CVSS 8.8

View Code

CVE-2017-9080 EXPLOITDB HIGH ruby WORKING POC

PlaySMS 1.4 - RCE

PlaySMS 1.4 allows remote code execution because PHP code in the name of an uploaded .php file is executed. sendfromfile.php has a combination of Unrestricted File Upload and Code Injection.

CVSS 8.8

View Code