Lucene search

Evolution Security Vulnerabilities

cve

CVE-2010-1427

Cross-site scripting (XSS) vulnerability in the SearchHighlight plugin in MODx Evolution before 1.0.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to AjaxSearch.

5.6AI Score

0.003EPSS

2010-04-15 09:30 PM

cve

CVE-2010-3929

SQL injection vulnerability in MODx Evolution 1.0.4 and earlier allows remote attackers to execute arbitrary SQL commands via unknown vectors related to AjaxSearch.

8.6AI Score

0.002EPSS

2011-02-02 01:00 AM

cve

CVE-2010-3930

Directory traversal vulnerability in MODx Evolution 1.0.4 and earlier allows remote attackers to read arbitrary files via unspecified vectors related to AjaxSearch, a different vulnerability than CVE-2010-1427.

6.6AI Score

0.003EPSS

2011-02-02 01:00 AM

cve

CVE-2011-0741

Multiple cross-site scripting (XSS) vulnerabilities in ModX Evolution before 1.0.5 allow remote attackers to inject arbitrary web script or HTML via the (1) installer or (2) image editor.

5.9AI Score

0.002EPSS

2011-02-02 01:00 AM