PT-2002-1291 · Unknown · Phpsmssend
Published
2002-05-03
·
Updated
2008-09-11
·
CVE-2002-0220
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
PhpSmsSend version 1.0
Description
The issue allows remote attackers to execute arbitrary commands via an SMS message containing shell metacharacters. This is related to the phpsmssend.php file in PhpSmsSend.
Recommendations
For PhpSmsSend version 1.0, consider validating and sanitizing SMS message content to prevent the execution of arbitrary commands, or restrict access to the phpsmssend.php file until a proper fix is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Phpsmssend