MODX Revolution up to and including 2.8.3-pl allows remote authenticated administrators to execute arbitrary code by uploading an executable file, because the Uploadable File Types setting can be changed by an administrator.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
modx revolution |