CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
65.5%
The remote web server is hosting MODx, a content management system written in PHP. The installed version of MODx is earlier than 1.0.3. Such versions are potentially affected by multiple vulnerabilities :
A cross-site scripting vulnerability in the ‘SearchHighlight’ plugin. (CVE-2010-1427)
A SQL-injection vulnerability related to WebLogin. (CVE-2010-1426)
Binary data 5522.prm