RSS   Vulnerabilities for 'Evolution'   RSS

2011-02-01
 
CVE-2011-0741

CWE-79
 
 
Multiple cross-site scripting (XSS) vulnerabilities in ModX Evolution before 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) installer or (2) image editor.

 
 
CVE-2010-3930

CWE-22
 
 
Directory traversal vulnerability in MODx Evolution 1.0.4 and earlier allows remote attackers to read arbitrary files via unspecified vectors related to AjaxSearch, a different vulnerability than CVE-2010-1427.

 
 
CVE-2010-3929

CWE-89
 
 
SQL injection vulnerability in MODx Evolution 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via unknown vectors related to AjaxSearch.

 
2010-04-15
 
CVE-2010-1427

CWE-79
 
 
Cross-site scripting (XSS) vulnerability in the SearchHighlight plugin in MODx Evolution before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to AjaxSearch.

 

 >>> Vendor: Modxcms 3 Products
Modxcms
Filedownload
Evolution

Copyright 2024, cxsecurity.com

 

Back to Top