Vulnerability Details CVE-2017-9101
import.php (aka the Phonebook import feature) in PlaySMS 1.4 allows remote code execution via vectors involving the User-Agent HTTP header and PHP code in the name of a file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.798
EPSS Ranking 99.0%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References