VULHUB ™

An SQL injection vulnerability is identified in the application that may allow attackers to pass malicious input to database queries, resulting in the modification of query logic or other attacks. This vulnerability exists due to insufficient sanitization of user-supplied input. Specifically, user-supplied data from cookies is used in SQL queries without sanitization. This may allow a remote user to inject arbitrary SQL queries into the underlying database used by the application. This issue is reported to exist in PlaySMS versions 0.7 and prior.

An SQL injection vulnerability is identified in the application that may allow attackers to pass malicious input to database queries, resulting in the modification of query logic or other attacks. This vulnerability exists due to insufficient sanitization of user-supplied input. Specifically, user-supplied data from cookies is used in SQL queries without sanitization. This may allow a remote user to inject arbitrary SQL queries into the underlying database used by the application. This issue is reported to exist in PlaySMS versions 0.7 and prior.