Dhimitri

Name of the Vulnerable Software and Affected Versions: playSMS versions 1.4.4 through 1.4.7 Description: A critical vulnerability has been found in playSMS, affecting an unknown function of the file /playsms/index.php?app=main&inc=core auth&route=forgot&op=forgot of the component Template Handler. The manipulation of the `username`, `email`, or `captcha` arguments leads to code injection. It is possible to launch the attack remotely. The complexity of an attack is rather high, and the exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Recommendations: To resolve the issue, upgrade the affected component to version >=1.4.4 or use the latest playsms/tpl package. As a temporary workaround, consider restricting access to the vulnerable Template Handler component until a patch is available. Avoid using the `username`, `email`, or `captcha` arguments in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** playSMS version 1.4.3 **Description** A vulnerability was found in the Template Handler component, specifically in the file /index.php?app=main&inc=feature firewall&op=firewall list. The manipulation of the `id` argument leads to injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. **Recommendations** For playSMS version 1.4.3, as a temporary workaround, consider restricting access to the /index.php?app=main&inc=feature firewall&op=firewall list endpoint until a patch is available. Avoid using the `id` argument in this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** playSMS version 1.4.3 **Description** A vulnerability was found in the Template Handler component of playSMS, affecting some unknown functionality of the file /index.php?app=main&inc=feature inboxgroup&op=list. The manipulation of the `id` argument leads to injection. This issue can be exploited remotely. **Recommendations** For playSMS version 1.4.3, as a temporary workaround, consider restricting access to the /index.php?app=main&inc=feature inboxgroup&op=list endpoint to minimize the risk of exploitation. Avoid using the `id` argument in this endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: playSMS version 1.4.3 Description: A vulnerability was found in the New Phonebook Handler component, affecting an unknown function of the file "/index.php?app=main&inc=feature phonebook&op=phonebook list". The manipulation of the `name` or `email` argument leads to basic cross-site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Recommendations: For playSMS version 1.4.3, as a temporary workaround, consider restricting access to the "/index.php?app=main&inc=feature phonebook&op=phonebook list" endpoint until a patch is available. Avoid using the `name` and `email` arguments in this endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: playSMS versions up to 1.4.7 Description: A problematic vulnerability has been found in the SMS Schedule Handler component. The issue affects an unknown function of the file /index.php?app=main&inc=feature schedule&op=list. The manipulation of the `name/message` argument leads to basic cross-site scripting. It is possible to launch the attack remotely. Recommendations: For playSMS versions up to 1.4.7, upgrade to version 1.4.8 to address this issue. As a temporary workaround, consider restricting access to the `/index.php?app=main&inc=feature schedule&op=list` endpoint until the upgrade is applied. Avoid using the `name/message` argument in the affected endpoint until the issue is resolved.