Vulnerabilities > Modx

DATE CVE VULNERABILITY TITLE RISK
2016-12-24 CVE-2016-10039 Path Traversal vulnerability in Modx Revolution
Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted dir parameter, related to browser/directory/getfiles.
network
low complexity
modx CWE-22
7.3
2016-12-24 CVE-2016-10038 Path Traversal vulnerability in Modx Revolution
Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted dir parameter, related to browser/directory/remove.
network
low complexity
modx CWE-22
7.3
2016-12-24 CVE-2016-10037 Path Traversal vulnerability in Modx Revolution
Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted id (aka dir) parameter, related to browser/directory/getlist.
network
low complexity
modx CWE-22
7.3