PT-2023-10208 · Kelvinmo · Simplexrd
Kelvinmo
·
Published
2023-01-07
·
Updated
2024-05-17
·
CVE-2015-10029
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
kelvinmo simplexrd versions up to 3.1.0
Description
A vulnerability was found in the file
simplexrd/simplexrd.class.php, which leads to xml external entity reference. This issue affects unknown code and can be addressed by upgrading to version 3.1.1.Recommendations
For kelvinmo simplexrd versions up to 3.1.0, upgrade to version 3.1.1 to address the issue. As a temporary workaround, consider restricting access to the
simplexrd/simplexrd.class.php file until the upgrade is applied.Fix
XXE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Simplexrd