Lucene search
K

16 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2017-1492

Malware in sbrugna...

5.4CVSS5.5AI score0.00498EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 1:17 a.m.8 views

CVE-2017-1000223

A stored web content injection vulnerability WCI, a.k.a XSS is present in MODX Revolution CMS version 2.5.6 and earlier. An authenticated user with permissions to edit users can save malicious JavaScript as a User Group name and potentially take control over victims' accounts. This can lead to an...

5.4CVSS7.1AI score0.00498EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2018/06/04 12:0 a.m.61 views

MODX Revolution CMS <= 2.6.3 Stored XSS Vulnerability

MODX CMS is prone to a stored cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.4CVSS5.6AI score0.00665EPSS
Exploits0References3
Prion
Prion
added 2017/11/17 5:29 a.m.13 views

Design/Logic Flaw

A stored web content injection vulnerability WCI, a.k.a XSS is present in MODX Revolution CMS version 2.5.6 and earlier. An authenticated user with permissions to edit users can save malicious JavaScript as a User Group name and potentially take control over victims' accounts. This can lead to an...

3.5CVSS5.8AI score0.00498EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2017/11/17 5:29 a.m.14 views

CVE-2017-1000223

A stored web content injection vulnerability WCI, a.k.a XSS is present in MODX Revolution CMS version 2.5.6 and earlier. An authenticated user with permissions to edit users can save malicious JavaScript as a User Group name and potentially take control over victims' accounts. This can lead to an...

5.4CVSS5.8AI score0.00498EPSS
Exploits0References1
OSV
OSV
added 2017/11/17 5:29 a.m.14 views

CVE-2017-1000223

A stored web content injection vulnerability WCI, a.k.a XSS is present in MODX Revolution CMS version 2.5.6 and earlier. An authenticated user with permissions to edit users can save malicious JavaScript as a User Group name and potentially take control over victims' accounts. This can lead to an...

5.4CVSS7.1AI score
Exploits0References1
CVE
CVE
added 2017/11/17 5:0 a.m.54 views

CVE-2017-1000223

MODX Revolution CMS

5.4CVSS5.7AI score0.00498EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/11/17 5:0 a.m.21 views

CVE-2017-1000223

A stored web content injection vulnerability WCI, a.k.a XSS is present in MODX Revolution CMS version 2.5.6 and earlier. An authenticated user with permissions to edit users can save malicious JavaScript as a User Group name and potentially take control over victims' accounts. This can lead to an...

5.8AI score0.00498EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2017/05/15 12:0 a.m.56 views

MODX CMS 2.x < 2.5.7 Multiple Vulnerabilities

MODX CMS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:modx:revolution"; if description...

8.8CVSS5.9AI score0.01865EPSS
Exploits5References3
OpenVAS
OpenVAS
added 2017/04/06 12:0 a.m.47 views

MODX CMS 2.x < 2.5.5 Multiple Vulnerabilities

MODX CMS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:modx:revolution"; ifdescription...

9.8CVSS7.1AI score0.02145EPSS
Exploits5References3
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.35 views

MODx Revolution CMS 2.0.4-pl2 Remote XSS POST Injection Vulnerability

No description provided by source. !-- Title: MODx Revolution CMS 2.0.4-pl2 Remote XSS POST Injection Vulnerability Vendor: MODx, LLC. Product web page: http://www.modxcms.com Affected version: 2.0.4-pl2 public launch 2 Summary: MODx Revolution is a powerful PHP Content Management Framework that...

7.1AI score
Exploits0
0day.today
0day.today
added 2011/05/23 12:0 a.m.24 views

MODx Revolution 2.0.8-pl CMS XSRF Vulnerability (Add new user)

Exploit for php platform in category web applications + Exploit Title: MODx Revolution 2.0.8-pl CMS XSRF Vulnerability Add new user + Author : ^Xecuti0n3r + E-mail : xecuti0n3ryahoo.com + Category : Web Apps XSRF + Demo Link : http://www.cmsagora.com/demo.php?id=50&type=2 + Demo Login: Username:...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2010/12/06 12:0 a.m.26 views

MODx Revolution CMS Cross Site Scripting

getObject'modUser',array 30: 'username' = $POST'username', 31: ; ... 71: else if !empty$POST'forgotlogin' 72: $c = $modx-newQuery'modUser'; 73: $c-selectarray'modUser.','Profile.email','Profile.fullname'; 74: $c-innerJoin'modUserProfile','Profile'; 75: $c-wherearray 76: '...

Exploits0
Zero Science Lab
Zero Science Lab
added 2010/12/06 12:0 a.m.34 views

MODx Revolution CMS 2.0.4-pl2 Remote XSS POST Injection Vulnerability

Summary MODx Revolution is a powerful PHP Content Management Framework that plays nicely with custom code and helps you build sites faster and maintain them with ease. With Revolution you'll leverage the best things to come around since MVC and Active Record. Description The MODx Revolution CMS...

6.1AI score
Exploits0
Exploit DB
Exploit DB
added 2010/12/06 12:0 a.m.36 views

MODx REvolution CMS 2.0.4-pl2 - POST injection Cross-Site Scripting

getObject'modUser',array 30: 'username' = $POST'username', 31: ; ... 71: else if !empty$POST'forgotlogin' 72: $c = $modx-newQuery'modUser'; 73: $c-selectarray'modUser.','Profile.email','Profile.fullname'; 74: $c-innerJoin'modUserProfile','...

7AI score
Exploits0
exploitpack
exploitpack
added 2010/12/06 12:0 a.m.31 views

MODx REvolution CMS 2.0.4-pl2 - POST injection Cross-Site Scripting

MODx REvolution CMS 2.0.4-pl2 - POST injection Cross-Site Scripting getObject'modUser',array 30: 'username' = $POST'username', 31: ; ... 71: else if !empty$POST'forgotlogin' 72: $c = $modx-newQuery'modUser'; 73: $c-selectarray'modUser.','Profile.email','Profile.fullname'; 74: $...

7.1AI score
Exploits0
Rows per page
Query Builder