CVE-2010-3930

The CVE-2010-3930 issue affects MODx Evolution 1.0.4 and earlier, described as a directory traversal vulnerability related to AjaxSearch. Connected sources confirm a vulnerable component: the ucfg parameter handling in assets/snippets/ajaxSearch/ajaxSearchPopup.php allows a remote attacker to rea...

CVE-2010-1427

CVE-2010-1427 is an XSS vulnerability in the MODx Evolution project, specifically affecting the SearchHighlight plugin prior to version 1.0.3. It allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to AjaxSearch. The NVD entry lists a CVSS v2 base score of 4...

CVE-2011-0741

CVE-2011-0741: ModX Evolution versions prior to 1.0.5 are affected by multiple cross-site scripting (XSS) vulnerabilities exploitable via the installer or image editor. Remote attackers can inject arbitrary web script or HTML. The CVE entry describes the issue and impact as XSS with partial integ...

CVE-2010-3929

CVE-2010-3929 affects MODx Evolution up to version 1.0.4. The connected sources confirm a SQL injection vulnerability in AjaxSearch that allows a remote attacker to cause arbitrary SQL commands, leading to potential arbitrary PHP code execution per JVN entries. Impact is described as remote code ...