PHP remote file inclusion vulnerability in assets/snippets/reflect/snippet.reflect.php in MODx CMS 0.9.6.2 and previous versions, when magic_quotes_gpc is disabled, allows remote malicious users to execute arbitrary PHP code via a URL in the reflect_base parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
modxcms modxcms 0.9.6 |
||
modxcms modxcms 0.9.2.1 |
||
modxcms modxcms 0.9.1 |
||
modxcms modxcms |
||
modxcms modxcms 0.9.5 |
||
modxcms modxcms 0.9.0 |
||
modxcms modxcms 0.9.6.1 |