CVE-2015-10029

kelvinmo simplexrd simplexrd.class.php xml external entity reference

CVSS 5.5 MEDIUMEPSS 0.8%CWE-611

Vexday Risk Score

13Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 5.5EPSS 0.8%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado

Ciclo de vida

07 ene 2023Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

A vulnerability classified as problematic was found in kelvinmo simplexrd up to 3.1.0. This vulnerability affects unknown code of the file simplexrd/simplexrd.class.php. The manipulation leads to xml external entity reference. Upgrading to version 3.1.1 is able to address this issue. The patch is identified as 4c9f2e028523ed705b555eca2c18c64e71f1a35d. It is recommended to upgrade the affected component. VDB-217630 is the identifier assigned to this vulnerability.

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Productos afectados

kelvinmo · simplexrd

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/kelvinmo/simplexrd/commit/4c9f2e028523ed705b555eca2c18c64e71f1a35d https://github.com/kelvinmo/simplexrd/releases/tag/v3.1.1 https://vuldb.com/?ctiid.217630 https://vuldb.com/?id.217630