Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
revolution vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2019-1010178
Fred MODX Revolution < 1.0.0-beta5 is affected by: Incorrect Access Control - CWE-648. The impact is: Remote Code Execution. The component is: assets/components/fred/web/elfinder/connector.php. The attack vector is: Uploading a PHP file or change data in the database. The fixe...
Modx Fred 1.0.0
445
VMScore
CVE-2019-1010123
MODX Revolution Gallery 1.7.0 is affected by: CWE-434: Unrestricted Upload of File with Dangerous Type. The impact is: Creating file with custom a filename and content. The component is: Filtering user parameters before passing them into phpthumb class. The attack vector is: web ...
Modx Modx Revolution
383
VMScore
CVE-2018-20755
MODX Revolution through v2.7.0-pl allows XSS via the User Photo field.
Modx Modx Revolution 2.7.0
Modx Modx Revolution
383
VMScore
CVE-2018-20757
MODX Revolution through v2.7.0-pl allows XSS via an extended user field such as Container name or Attribute name.
Modx Modx Revolution
Modx Modx Revolution 2.7.0
383
VMScore
CVE-2018-20756
MODX Revolution through v2.7.0-pl allows XSS via a document resource (such as pagetitle), which is mishandled during an Update action, a Quick Edit action, or the viewing of manager logs.
Modx Modx Revolution
Modx Modx Revolution 2.7.0
312
VMScore
CVE-2018-20758
MODX Revolution through v2.7.0-pl allows XSS via User Settings such as Description.
Modx Modx Revolution
312
VMScore
CVE-2018-17556
MODX Revolution v2.6.5-pl allows stored XSS via a Create New Media Source action.
Modx Modx Revolution 2.6.5
578
VMScore
CVE-2018-1000207
MODX Revolution version <=2.6.4 contains a Incorrect Access Control vulnerability in Filtering user parameters before passing them into phpthumb class that can result in Creating file with custom a filename and content. This attack appear to be exploitable via Web request. Thi...
Modx Modx Revolution
570
VMScore
CVE-2018-1000208
MODX Revolution version <=2.6.4 contains a Directory Traversal vulnerability in /core/model/modx/modmanagerrequest.class.php that can result in remove files. This attack appear to be exploitable via web request via security/login processor. This vulnerability appears to have b...
Modx Modx Revolution
312
VMScore
CVE-2018-10382
MODX Revolution 2.6.3 has XSS.
Modx Modx Revolution 2.6.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »