Anton Raharja PlaySMS Unspecified File Include Vulnerability

A vulnerability is reported to exist in the software that may allow an attacker to include malicious files containing arbitrary code to be executed on a vulnerable computer. The issue exists due to improper validation of user-supplied data. Remote attackers could potentially exploit this issue via a vulnerable variable to include a remote malicious script, which will be executed in the context of the server hosting the vulnerable software.

This issue is reported to exist in PlaySMS 0.6. Other versions may be affected as well.


 

Privacy Statement
Copyright 2010, SecurityFocus