Sql injection

Multiple SQL injection vulnerabilities in mutatecontent.dynamic.php in MODx 0.9.6 allow remote attackers to execute arbitrary SQL commands via the 1 documentDirty or 2 modVariables parameter...