VYPR
High severity8.8NVD Advisory· Published Jul 17, 2017· Updated Jun 17, 2026

CVE-2017-1000067

CVE-2017-1000067

Description

MODX Revolution version 2.x - 2.5.6 is vulnerable to blind SQL injection caused by improper sanitization by the escape method resulting in authenticated user accessing database and possibly escalating privileges.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
modx/revolutionPackagist
>= 2.0.0, < 2.6.02.6.0

Affected products

38
  • Modx/Revolution37 versions
    cpe:2.3:a:modx:revolution:2.0.0:*:*:*:*:*:*:*+ 36 more
    • cpe:2.3:a:modx:revolution:2.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.0.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.0.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.0.0:rc3:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.1.0:p12:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.1.1:p12:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.2.0:rc1:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.2.0:rc2:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.2.0:rc3:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.2.8:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.2.9:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:modx:revolution:2.5.6:*:*:*:*:*:*:*
  • ghsa-coords
    Range: >= 2.0.0, < 2.6.0

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.