CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Modxcms: >> Modxcms Security Vulnerabilities

CVE-2006-5730

PHP remote file inclusion vulnerability in manager/media/browser/mcpuk/connectors/php/Commands/Thumbnail.php in Modx CMS 0.9.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the base_path parameter. NOTE: it is possible that this is a vulnerability in FCKeditor.

CVSS Score

5.1

EPSS Score

0.075

Published

2006-11-06

CVE-2006-1820

Cross-site scripting (XSS) vulnerability in index.php in ModX 0.9.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this might be resultant from the directory traversal vulnerability.

CVSS Score

5.8

EPSS Score

0.006

Published

2006-04-18

CVE-2006-1821

Directory traversal vulnerability in index.php in ModX 0.9.1 allows remote attackers to read arbitrary files via a .. (dot dot) sequence and trailing NULL (%00) byte in the id parameter.

CVSS Score

6.4

EPSS Score

0.051

Published

2006-04-18

Page 2

Vulnerabilities

Vulnerable Software

Modxcms: >> Modxcms Security Vulnerabilities

Products

Pricing

Contact Us