Lucene search
Tenable5522.PRMHistoryApr 29, 2010 - 12:00 a.m.
MODx < 1.0.3 Multiple Vulnerabilities
2010-04-2900:00:00
Tenable
www.tenable.com
10
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.003
Percentile
65.5%
The remote web server is hosting MODx, a content management system written in PHP. The installed version of MODx is earlier than 1.0.3. Such versions are potentially affected by multiple vulnerabilities :
-
A cross-site scripting vulnerability in the ‘SearchHighlight’ plugin. (CVE-2010-1427)
-
A SQL-injection vulnerability related to WebLogin. (CVE-2010-1426)
Binary data 5522.prmRelated
prion
prion
Sql injection
2010-04-15 21:30:00
Cross site scripting
2010-04-15 21:30:00
Directory traversal
2011-02-02 01:00:00
cvelist
cvelist
jvn
jvn
JVN#19774883 MODx vulnerable to SQL injection
2010-04-08 00:00:00
JVN#46669729 MODx vulnerable to cross-site scripting
2010-04-08 00:00:00
nvd
nvd
cve
cve
nessus
nessus
MODx SearchHighlight plugin XSS
2010-04-29 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.003
Percentile
65.5%
Related for 5522.PRM