VYPR
High severity7.0NVD Advisory· Published May 18, 2017· Updated Jun 17, 2026

CVE-2017-9067

CVE-2017-9067

Description

In MODX Revolution before 2.5.7, when PHP 5.3.3 is used, an attacker is able to include and execute arbitrary files on the web server due to insufficient validation of the action parameter to setup/index.php, aka directory traversal.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
modx/revolutionPackagist
< 2.5.72.5.7

Affected products

3

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.