CVE-2008-5940
MODx contains a SQL injection in index.php (MODx 0.9.6.2 and earlier) that can be triggered when magic_quotes_gpc is disabled, allowing a remote attacker to execute arbitrary SQL via the searchid parameter. Impact: remote attacker could obtain administrative privileges. Affected versions: 0.9.6.2...