Modx CVEs and Security Vulnerabilities - OpenCVE

Filtered by vendor Modx Subscriptions

Search

Switch to Advanced Search (Beta)

Total 44 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2018-16637	1 Modx	1 Evolution Cms	2024-11-21	N/A
Evolution CMS 1.4.x allows XSS via the page weblink title parameter to the manager/ URI.
CVE-2018-10382	1 Modx	1 Modx Revolution	2024-11-21	N/A
MODX Revolution 2.6.3 has XSS.
CVE-2018-1000208	1 Modx	1 Modx Revolution	2024-11-21	N/A
MODX Revolution version <=2.6.4 contains a Directory Traversal vulnerability in /core/model/modx/modmanagerrequest.class.php that can result in remove files. This attack appear to be exploitable via web request via security/login processor. This vulnerability appears to have been fixed in pull 13980.
CVE-2018-1000207	1 Modx	1 Modx Revolution	2024-11-21	N/A
MODX Revolution version <=2.6.4 contains a Incorrect Access Control vulnerability in Filtering user parameters before passing them into phpthumb class that can result in Creating file with custom a filename and content. This attack appear to be exploitable via Web request. This vulnerability appears to have been fixed in commit 06bc94257408f6a575de20ddb955aca505ef6e68.

« first previous Page 3 of 3.