← back
CVE-2017-9101

CVE-2017-9101

EPSS 76.7%
import.php (aka the Phonebook import feature) in PlaySMS 1.4 allows remote code execution via vectors involving the User-Agent HTTP header and PHP code in the name of a file.
Affected products
n/a · n/a
public PoCs found5
githubgithub.com/jasperla/CVE-2017-910114cve_referencewww.exploit-db.com/exploits/42044/unverifiedcve_referencewww.exploit-db.com/exploits/44598/unverifiedexploitdbwww.exploit-db.com/exploits/44598unverifiedexploitdbwww.exploit-db.com/exploits/42044unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.exploit-db.com/exploits/42044/https://www.exploit-db.com/exploits/44598/