Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
revolution vulnerabilities and exploits
(subscribe to this query)
7.3
CVSSv3
CVE-2016-10037
Directory traversal in /connectors/index.php in MODX Revolution prior to 2.5.2-pl allows remote malicious users to perform local file inclusion/traversal/manipulation via a crafted id (aka dir) parameter, related to browser/directory/getlist.
Modx Modx Revolution
7.3
CVSSv3
CVE-2016-10039
Directory traversal in /connectors/index.php in MODX Revolution prior to 2.5.2-pl allows remote malicious users to perform local file inclusion/traversal/manipulation via a crafted dir parameter, related to browser/directory/getfiles.
Modx Modx Revolution
6.1
CVSSv3
CVE-2015-6588
Cross-site scripting (XSS) vulnerability in login-fsp.html in MODX Revolution prior to 1.9.1 allows remote malicious users to inject arbitrary web script or HTML via the QUERY_STRING.
Modx Modx Revolution
NA
CVE-2010-5278
Directory traversal vulnerability in manager/controllers/default/resource/tvs.php in MODx Revolution 2.0.2-pl, and possibly earlier, when magic_quotes_gpc is disabled, allows remote malicious users to read arbitrary files via a .. (dot dot) in the class_key parameter. NOTE: some ...
Modx Modx Revolution
1 EDB exploit
5.4
CVSSv3
CVE-2023-28622
Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in Trident Technolabs Easy Slider Revolution plugin <= 1.0.0 versions.
Tridenttechnolabs Easy Slider Revolution
NA
CVE-2006-2847
SQL injection vulnerability in links.asp in aspWebLinks 2.0 allows remote malicious users to execute arbitrary SQL commands via the linkID parameter.
Full Revolution Aspweblinks 2.0
1 EDB exploit
5.4
CVSSv3
CVE-2018-10382
MODX Revolution 2.6.3 has XSS.
Modx Modx Revolution 2.6.3
NA
CVE-2007-4713
Multiple cross-site scripting (XSS) vulnerabilities in urchin.cgi in Urchin 5.6.00r2 allow remote malicious users to inject arbitrary web script or HTML via the (1) dtc, (2) vid, (3) n, (4) dt, (5) ed, and (6) bd parameters.
Roi Revolution Urchin 5.6.00r2
NA
CVE-2007-4832
Format string vulnerability in CellFactor Revolution 1.03 and previous versions allows remote malicious users to execute arbitrary code via format string specifiers in a malformed nickname.
Immersion Games Cellfactor Revolution
5.4
CVSSv3
CVE-2018-17556
MODX Revolution v2.6.5-pl allows stored XSS via a Create New Media Source action.
Modx Modx Revolution 2.6.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »