Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
revolution vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2020-25911
A XML External Entity (XXE) vulnerability exists in the modRestServiceRequest component in MODX CMS 2.7.3 which can lead to an information disclosure or denial of service (DOS).
Modx Modx Revolution 2.7.3
7.5
CVSSv2
CVE-2019-1010178
Fred MODX Revolution < 1.0.0-beta5 is affected by: Incorrect Access Control - CWE-648. The impact is: Remote Code Execution. The component is: assets/components/fred/web/elfinder/connector.php. The attack vector is: Uploading a PHP file or change data in the database. The fixe...
Modx Fred 1.0.0
5
CVSSv2
CVE-2019-1010123
MODX Revolution Gallery 1.7.0 is affected by: CWE-434: Unrestricted Upload of File with Dangerous Type. The impact is: Creating file with custom a filename and content. The component is: Filtering user parameters before passing them into phpthumb class. The attack vector is: web ...
Modx Modx Revolution
4.3
CVSSv2
CVE-2018-20755
MODX Revolution through v2.7.0-pl allows XSS via the User Photo field.
Modx Modx Revolution 2.7.0
Modx Modx Revolution
4.3
CVSSv2
CVE-2018-20757
MODX Revolution through v2.7.0-pl allows XSS via an extended user field such as Container name or Attribute name.
Modx Modx Revolution
Modx Modx Revolution 2.7.0
3.5
CVSSv2
CVE-2018-20758
MODX Revolution through v2.7.0-pl allows XSS via User Settings such as Description.
Modx Modx Revolution
4.3
CVSSv2
CVE-2018-20756
MODX Revolution through v2.7.0-pl allows XSS via a document resource (such as pagetitle), which is mishandled during an Update action, a Quick Edit action, or the viewing of manager logs.
Modx Modx Revolution
Modx Modx Revolution 2.7.0
3.5
CVSSv2
CVE-2018-17556
MODX Revolution v2.6.5-pl allows stored XSS via a Create New Media Source action.
Modx Modx Revolution 2.6.5
6.4
CVSSv2
CVE-2018-1000208
MODX Revolution version <=2.6.4 contains a Directory Traversal vulnerability in /core/model/modx/modmanagerrequest.class.php that can result in remove files. This attack appear to be exploitable via web request via security/login processor. This vulnerability appears to have b...
Modx Modx Revolution
6.5
CVSSv2
CVE-2018-1000207
MODX Revolution version <=2.6.4 contains a Incorrect Access Control vulnerability in Filtering user parameters before passing them into phpthumb class that can result in Creating file with custom a filename and content. This attack appear to be exploitable via Web request. Thi...
Modx Modx Revolution
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »