CVE-2004-2263

PlaySMS <0.7 - SQL Injection

Title source: llm

Description

SQL injection vulnerability in the valid function in fr_left.php in PlaySMS 0.7 and earlier allows remote attackers to modify SQL statements via the vc2 cookie.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Noam Rathaus · perlremotelinux

https://www.exploit-db.com/exploits/404

View Code ZIP pw:eip

References (6)

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/17031

[Exploit, Vendor Advisory] http://www.securiteam.com/unixfocus/5UP0F2ADPS.html

[Patch] http://www.osvdb.org/8984

[Exploit, Patch] http://www.securityfocus.com/bid/10970

[Patch] http://sourceforge.net/project/shownotes.php?release_id=254915

[Patch] http://securitytracker.com/id?1010984

Scores

EPSS 0.0145

EPSS Percentile 80.9%

Details

Status published

Products (2)

playsms/playsms 0.6

playsms/playsms 0.7

Published Dec 31, 2004

Tracked Since Feb 18, 2026