Vulnerability CVE-2010-5278

Vulnerability CVE-2010-5278

Published: 2012-10-07 Modified: 2012-10-08

Description:

	Topic	Author	Date
Med.	MODx Revolution 2.0.2-pl local file inclusion vulnerability	John Leitch	30.09.2010

Type:

(Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.3/10	2.9/10	8.6/10

Affected software
MODX -> Modx revolution

http://modxcms.com/forums/index.php/topic,55104.0.html

http://modxcms.com/forums/index.php/topic,55105.msg317273.html

http://packetstormsecurity.org/1009-exploits/modx202pl-lfi.txt

http://secunia.com/advisories/41638

http://www.johnleitch.net/Vulnerabilities/MODx.Revolution.2.0.2-pl.Local.File.Inclusion/49

http://www.osvdb.org/68265

http://www.securityfocus.com/bid/43577

https://exchange.xforce.ibmcloud.com/vulnerabilities/62073