Vulnerability CVE-2022-26149
Published: 2022-02-26

Description:
MODX Revolution through 2.8.3-pl allows remote authenticated administrators to execute arbitrary code by uploading an executable file, because the Uploadable File Types setting can be changed by an administrator.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
Remote Code Execution in MODX Revolution V2.8.3-pl
Sarang Tumne
15.11.2022
High
MODX Revolution v2.8.3-pl Authenticated Remote Code Execution
Sarang Tumne @Cy...
27.03.2023

 References:
https://github.com/sartlabs/0days/blob/main/Modx/Exploit.txt
Copyright 2024, cxsecurity.com

 

Back to Top