PT-2023-10208 · Kelvinmo · Simplexrd
Kelvinmo
·
Publicado
2023-01-07
·
Atualizado
2024-05-17
·
CVE-2015-10029
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
kelvinmo simplexrd versions up to 3.1.0
Description
A vulnerability was found in the file
simplexrd/simplexrd.class.php, which leads to xml external entity reference. This issue affects unknown code and can be addressed by upgrading to version 3.1.1.Recommendations
For kelvinmo simplexrd versions up to 3.1.0, upgrade to version 3.1.1 to address the issue. As a temporary workaround, consider restricting access to the
simplexrd/simplexrd.class.php file until the upgrade is applied.Correção
XXE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Simplexrd