{"vulnerability": "CVE-2013-1000", "sightings": [{"uuid": "e1cf1ec0-4bd9-4a91-95a7-b0b4c4de4fc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2013-10006", "type": "seen", "source": "https://t.me/cibsecurity/55727", "content": "\u203c CVE-2013-10006 \u203c\n\nA vulnerability classified as problematic was found in Ziftr primecoin up to 0.8.4rc1. Affected by this vulnerability is the function HTTPAuthorized of the file src/bitcoinrpc.cpp. The manipulation of the argument strUserPass/strRPCUserColonPass leads to observable timing discrepancy. Upgrading to version 0.8.4rc2 is able to address this issue. The name of the patch is cdb3441b5cd2c1bae49fae671dc4a496f7c96322. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217171.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-01T20:15:45.000000Z"}, {"uuid": "bb76402a-0605-475e-b9ee-da354f59c069", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2013-10006", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11289", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2013-10006\n\ud83d\udd25 CVSS Score: 2.6 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: A vulnerability classified as problematic was found in Ziftr primecoin up to 0.8.4rc1. Affected by this vulnerability is the function HTTPAuthorized of the file src/bitcoinrpc.cpp. The manipulation of the argument strUserPass/strRPCUserColonPass leads to observable timing discrepancy. The complexity of an attack is rather high. The exploitation appears to be difficult. Upgrading to version 0.8.4rc2 is able to address this issue. The patch is named cdb3441b5cd2c1bae49fae671dc4a496f7c96322. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217171.\n\ud83d\udccf Published: 2023-01-01T16:30:02.883Z\n\ud83d\udccf Modified: 2025-04-10T17:32:01.693Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.217171\n2. https://vuldb.com/?ctiid.217171\n3. https://github.com/Ziftr/primecoin/commit/cdb3441b5cd2c1bae49fae671dc4a496f7c96322\n4. https://github.com/Ziftr/primecoin/releases/tag/v0.8.4rc2", "creation_timestamp": "2025-04-10T17:49:09.000000Z"}, {"uuid": "68b607db-360d-4059-ae39-4f5f62edb636", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2013-10008", "type": "seen", "source": "https://t.me/cibsecurity/56082", "content": "\u203c CVE-2013-10008 \u203c\n\nA vulnerability was found in sheilazpy eShop. It has been classified as critical. Affected is an unknown function. The manipulation leads to sql injection. The name of the patch is e096c5849c4dc09e1074104531014a62a5413884. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217572.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-07T00:24:38.000000Z"}, {"uuid": "9d34d0fe-872e-48ba-8e74-29880c9fa48c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2013-10005", "type": "seen", "source": "https://t.me/cibsecurity/55446", "content": "\u203c CVE-2013-10005 \u203c\n\nThe RemoteAddr and LocalAddr methods on the returned net.Conn may call themselves, leading to an infinite loop which will crash the program due to a stack overflow.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-28T00:11:56.000000Z"}, {"uuid": "6041dfcf-db47-4d61-b6e2-cb8f78266c01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2013-10009", "type": "seen", "source": "https://t.me/cibsecurity/56128", "content": "\u203c CVE-2013-10009 \u203c\n\nA vulnerability was found in DrAzraelTod pyChao and classified as critical. Affected by this issue is the function klauen/lesen of the file mod_fun/__init__.py. The manipulation leads to sql injection. The name of the patch is 9d8adbc07c384ba51c2583ce0819c9abb77dc648. It is recommended to apply a patch to fix this issue. VDB-217634 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-08T06:13:59.000000Z"}, {"uuid": "2ebcb818-0c1b-4c1c-92b6-9beb4c43ad98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2013-10002", "type": "seen", "source": "https://t.me/cibsecurity/43285", "content": "\u203c CVE-2013-10002 \u203c\n\nA vulnerability was found in Telecommunication Software SAMwin Contact Center Suite 5.1. It has been rated as critical. Affected by this issue is the function getCurrentDBVersion in the library SAMwinLIBVB.dll of the credential handler. Authentication is possible with hard-coded credentials. Upgrading to version 6.2 is able to address this issue. It is recommended to upgrade the affected component.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-24T20:37:10.000000Z"}, {"uuid": "1e260865-5803-40b4-bf12-3ee7fb4c770b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2013-10004", "type": "seen", "source": "https://t.me/cibsecurity/43281", "content": "\u203c CVE-2013-10004 \u203c\n\nA vulnerability classified as critical was found in Telecommunication Software SAMwin Contact Center Suite 5.1. This vulnerability affects the function passwordScramble in the library SAMwinLIBVB.dll of the component Password Handler. Incorrect implementation of a hashing function leads to predictable authentication possibilities. Upgrading to version 6.2 is able to address this issue. It is recommended to upgrade the affected component.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-24T20:37:06.000000Z"}, {"uuid": "c5fe6b6a-598d-4b27-a015-bba781a325bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2013-10003", "type": "seen", "source": "https://t.me/cibsecurity/43284", "content": "\u203c CVE-2013-10003 \u203c\n\nA vulnerability classified as critical has been found in Telecommunication Software SAMwin Contact Center Suite 5.1. This affects the function getCurrentDBVersion in the library SAMwinLIBVB.dll of the database handler. The manipulation leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 6.2 is able to address this issue. It is recommended to upgrade the affected component.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-24T20:37:10.000000Z"}, {"uuid": "53f9bc6c-b66b-4390-bb1e-7c085feb1a78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2013-10001", "type": "seen", "source": "https://t.me/cibsecurity/42798", "content": "\u203c CVE-2013-10001 \u203c\n\nA vulnerability was found in HTC One/Sense 4.x. It has been rated as problematic. Affected by this issue is the certification validation of the mail client. An exploit has been disclosed to the public and may be used.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-17T12:27:17.000000Z"}]}