{"vulnerability": "CVE-2015-1003", "sightings": [{"uuid": "f66f17ae-df6f-4746-9710-1c04b89bbb52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-10038", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11051", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2015-10038\n\ud83d\udd25 CVSS Score: 5.5 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: A vulnerability was found in nym3r0s pplv2. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. The patch is named 28f8b0550104044da09f04659797487c59f85b00. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218023.\n\ud83d\udccf Published: 2023-01-11T18:21:54.555Z\n\ud83d\udccf Modified: 2025-04-09T13:41:24.986Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.218023\n2. https://vuldb.com/?ctiid.218023\n3. https://github.com/nym3r0s/pplv2/commit/28f8b0550104044da09f04659797487c59f85b00", "creation_timestamp": "2025-04-09T13:47:26.000000Z"}, {"uuid": "9190e8e6-bbb4-4345-86ab-189f9cb77410", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-10032", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11151", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2015-10032\n\ud83d\udd25 CVSS Score: 3.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: A vulnerability was found in HealthMateWeb. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file createaccount.php. The manipulation of the argument username/password/first_name/last_name/company/phone leads to cross site scripting. The attack can be launched remotely. The patch is named 472776c25b1046ecaf962c46fed7c713c72c28e3. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217663.\n\ud83d\udccf Published: 2023-01-09T08:45:10.725Z\n\ud83d\udccf Modified: 2025-04-09T19:27:26.144Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.217663\n2. https://vuldb.com/?ctiid.217663\n3. https://github.com/StevenElberger/HealthMateWeb/commit/472776c25b1046ecaf962c46fed7c713c72c28e3", "creation_timestamp": "2025-04-09T19:48:28.000000Z"}, {"uuid": "5ff56363-3674-4b7d-a903-8ebdaefa2b8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-10033", "type": "seen", "source": "https://t.me/cibsecurity/56179", "content": "\u203c CVE-2015-10033 \u203c\n\nA vulnerability, which was classified as problematic, was found in jvvlee MerlinsBoard. This affects an unknown part of the component Grade Handler. The manipulation leads to improper authorization. The name of the patch is 134f5481e2914b7f096cd92a22b1e6bcb8e6dfe5. It is recommended to apply a patch to fix this issue. The identifier VDB-217713 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-10T00:27:52.000000Z"}, {"uuid": "95a9d827-a07c-4ff9-8f86-7199323cc4a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-10035", "type": "seen", "source": "https://t.me/cibsecurity/56178", "content": "\u203c CVE-2015-10035 \u203c\n\nA vulnerability was found in gperson angular-test-reporter and classified as critical. This issue affects the function getProjectTables/addTest of the file rest-server/data-server.js. The manipulation leads to sql injection. The name of the patch is a29d8ae121b46ebfa96a55a9106466ab2ef166ae. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217715.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-10T00:27:51.000000Z"}, {"uuid": "a5a792ea-90a8-4ccd-9ef9-da822114769a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-10034", "type": "seen", "source": "https://t.me/cibsecurity/56175", "content": "\u203c CVE-2015-10034 \u203c\n\nA vulnerability has been found in j-nowak workout-organizer and classified as critical. This vulnerability affects unknown code. The manipulation leads to sql injection. The name of the patch is 13cd6c3d1210640bfdb39872b2bb3597aa991279. It is recommended to apply a patch to fix this issue. VDB-217714 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-10T00:27:48.000000Z"}, {"uuid": "e2076d50-4312-4f68-9786-a08fc385e486", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2015-10030", "type": "seen", "source": "https://t.me/cibsecurity/56130", "content": "\u203c CVE-2015-10030 \u203c\n\nA vulnerability has been found in SUKOHI Surpass and classified as critical. This vulnerability affects unknown code of the file src/Sukohi/Surpass/Surpass.php. The manipulation of the argument dir leads to pathname traversal. Upgrading to version 1.0.0 is able to address this issue. The name of the patch is d22337d453a2a14194cdb02bf12cdf9d9f827aa7. It is recommended to upgrade the affected component. VDB-217642 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-08T15:34:19.000000Z"}]}