VYPR
High severity7.3NVD Advisory· Published Dec 24, 2016· Updated Jun 17, 2026

CVE-2016-10039

CVE-2016-10039

Description

Directory traversal in /connectors/index.php in MODX Revolution before 2.5.2-pl allows remote attackers to perform local file inclusion/traversal/manipulation via a crafted dir parameter, related to browser/directory/getfiles.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Modx/Revolution2 versions
    cpe:2.3:a:modx:modx_revolution:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:modx:modx_revolution:*:*:*:*:*:*:*:*range: <2.5.2
    • (no CPE)range: <2.5.2-pl

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.