Modx: >> Revolution >> 2.0.0 Security Vulnerabilities
MODX Revolution through 2.8.3-pl allows remote authenticated administrators to execute arbitrary code by uploading an executable file, because the Uploadable File Types setting can be changed by an administrator.
CVSS Score
7.2
EPSS Score
0.036
Published
2022-02-26
MODX Revolution version 2.x - 2.5.6 is vulnerable to blind SQL injection caused by improper sanitization by the escape method resulting in authenticated user accessing database and possibly escalating privileges.
CVSS Score
8.8
EPSS Score
0.005
Published
2017-07-17