Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
revolution vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2011-1952
common.php in Post Revolution prior to 0.8.0c-2 allows remote malicious users to cause a denial of service (infinite loop) via malformed HTML markup, as demonstrated by an a< sequence.
Postrev Post Revolution 0.6.6
Postrev Post Revolution 0.6.5
Postrev Post Revolution
Postrev Post Revolution 0.8.0b
Postrev Post Revolution 0.8.0
Postrev Post Revolution 0.6.4
Postrev Post Revolution 0.6.3
Postrev Post Revolution 0.7.0
Postrev Post Revolution 0.6.2
4.3
CVSSv2
CVE-2018-20755
MODX Revolution through v2.7.0-pl allows XSS via the User Photo field.
Modx Modx Revolution 2.7.0
Modx Modx Revolution
4.3
CVSSv2
CVE-2018-20757
MODX Revolution through v2.7.0-pl allows XSS via an extended user field such as Container name or Attribute name.
Modx Modx Revolution
Modx Modx Revolution 2.7.0
4.3
CVSSv2
CVE-2018-20756
MODX Revolution through v2.7.0-pl allows XSS via a document resource (such as pagetitle), which is mishandled during an Update action, a Quick Edit action, or the viewing of manager logs.
Modx Modx Revolution
Modx Modx Revolution 2.7.0
5.4
CVSSv2
CVE-2014-7632
The news revolution - bahrain (aka com.news.revolution.BH) application 3.2 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle malicious users to spoof servers and obtain sensitive information via a crafted certificate.
News Revolution - Bahrain Project News Revolution - Bahrain 3.2
6.5
CVSSv2
CVE-2022-26149
MODX Revolution up to and including 2.8.3-pl allows remote authenticated administrators to execute arbitrary code by uploading an executable file, because the Uploadable File Types setting can be changed by an administrator.
Modx Revolution
5
CVSSv2
CVE-2019-1010123
MODX Revolution Gallery 1.7.0 is affected by: CWE-434: Unrestricted Upload of File with Dangerous Type. The impact is: Creating file with custom a filename and content. The component is: Filtering user parameters before passing them into phpthumb class. The attack vector is: web ...
Modx Modx Revolution
7.5
CVSSv2
CVE-2015-1400
SQL injection vulnerability in search.php in NPDS Revolution 13 allows remote malicious users to execute arbitrary SQL commands via the query parameter.
Npds Revolution 13.0
1 EDB exploit
NA
CVE-2023-47772
Contributor+ Stored Cross-Site Scripting (XSS) vulnerability in Slider Revolution <= 6.6.14.
Themepunch Slider Revolution
4.3
CVSSv2
CVE-2010-5278
Directory traversal vulnerability in manager/controllers/default/resource/tvs.php in MODx Revolution 2.0.2-pl, and possibly earlier, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the class_key parameter. NOTE: some ...
Modx Modx Revolution
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »