Published: 07/10/2011 Updated: 07/11/2023

CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9

VMScore: 265

Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in manager/index.php in MODx Revolution 2.0.2-pl allows remote malicious users to inject arbitrary web script or HTML via the modhash parameter.

Vulnerable Product	Search on Vulmon	Subscribe to Product
modx revolution 2.0.2-pl

source: wwwsecurityfocuscom/bid/43577/info MODx is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute local files within the contex ...

CWE-79 http://packetstormsecurity.org/1009-exploits/modx202pl-xss.txt http://www.securityfocus.com/bid/43577 http://secunia.com/advisories/41638 http://www.osvdb.org/68264 http://securityreason.com/securityalert/8435 https://exchange.xforce.ibmcloud.com/vulnerabilities/62070 http://modxcms.com/forums/index.php/topic%2C55105.0.html http://modxcms.com/forums/index.php/topic%2C55104.0.html https://nvd.nist.gov https://www.exploit-db.com/exploits/34787/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-4883

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect