CVE-2015-10029 MEDIUM

CVE-2015-10029: kelvinmo simplexrd simplexrd.class.php xml external entity reference

Vendor Kelvinmo
Product simplexrd
Weakness CWE-611 · XXE
Published January 7, 2023
Last update April 9, 2025

CVSS base score

5.5/10
Attack vector Adjacent
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

A vulnerability classified as problematic was found in kelvinmo simplexrd up to 3.1.0. This vulnerability affects unknown code of the file simplexrd/simplexrd.class.php. The manipulation leads to xml external entity reference. Upgrading to version 3.1.1 is able to address this issue. The patch is identified as 4c9f2e028523ed705b555eca2c18c64e71f1a35d. It is recommended to upgrade the affected component. VDB-217630 is the identifier assigned to this vulnerability.

Key dates

02Disclosure timeline

January 7, 2023 CVE published
April 9, 2025 Record updated