{"vulnerability": "CVE-2015-1002", "sightings": [{"uuid": "68ac4884-d1e4-464a-8b67-4734e9857067", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-10024", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11150", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2015-10024\n\ud83d\udd25 CVSS Score: 5.5 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: A vulnerability classified as critical was found in hoffie larasync. This vulnerability affects unknown code of the file repository/content/file_storage.go. The manipulation leads to path traversal. The name of the patch is 776bad422f4bd4930d09491711246bbeb1be9ba5. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217612.\n\ud83d\udccf Published: 2023-01-07T12:39:47.568Z\n\ud83d\udccf Modified: 2025-04-09T19:28:07.945Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.217612\n2. https://vuldb.com/?ctiid.217612\n3. https://github.com/hoffie/larasync/commit/776bad422f4bd4930d09491711246bbeb1be9ba5", "creation_timestamp": "2025-04-09T19:48:27.000000Z"}, {"uuid": "18aa8780-3063-4cb0-bcbd-fe851d56e086", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-10020", "type": "seen", "source": "https://t.me/cibsecurity/56510", "content": "\u203c CVE-2015-10020 \u203c\n\nA vulnerability has been found in ssn2013 cis450Project and classified as critical. This vulnerability affects the function addUser of the file HeatMapServer/src/com/datformers/servlet/AddAppUser.java. The manipulation leads to sql injection. The name of the patch is 39b495011437a105c7670e17e071f99195b4922e. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-218380.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-15T00:37:23.000000Z"}, {"uuid": "0c8bf30c-696f-4539-bcc1-a75b78d6368e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-10028", "type": "seen", "source": "https://t.me/cibsecurity/56126", "content": "\u203c CVE-2015-10028 \u203c\n\nA vulnerability has been found in ss15-this-is-sparta and classified as problematic. This vulnerability affects unknown code of the file js/roomElement.js of the component Main Page. The manipulation leads to cross site scripting. The attack can be initiated remotely. The name of the patch is ba2f71ad3a46e5949ee0c510b544fa4ea973baaa. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217624.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-07T22:26:13.000000Z"}, {"uuid": "57b0d42e-c9fb-4bff-abdd-9134e147e450", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-10029", "type": "seen", "source": "https://t.me/cibsecurity/56123", "content": "\u203c CVE-2015-10029 \u203c\n\nA vulnerability classified as problematic was found in kelvinmo simplexrd up to 3.1.0. This vulnerability affects unknown code of the file simplexrd/simplexrd.class.php. The manipulation leads to xml external entity reference. Upgrading to version 3.1.1 is able to address this issue. The name of the patch is 4c9f2e028523ed705b555eca2c18c64e71f1a35d. It is recommended to upgrade the affected component. VDB-217630 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-07T22:26:10.000000Z"}]}