VYPR

Vendor CVEs

Modx

All CVEs

53 total · sorted by risk
  • CVE-2008-5941Jan 22, 2009
    risk 0.00cvss epss 0.00

    Cross-site request forgery (CSRF) vulnerability in MODx 0.9.6.1p2 and earlier allows remote attackers to perform unauthorized actions as other users via unknown vectors.

  • CVE-2008-5940Jan 22, 2009
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in index.php in MODx 0.9.6.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the searchid parameter. NOTE: some of these details are obtained from third party information.

  • CVE-2007-5371Oct 11, 2007
    risk 0.00cvss epss 0.01

    Multiple SQL injection vulnerabilities in mutate_content.dynamic.php in MODx 0.9.6 allow remote attackers to execute arbitrary SQL commands via the (1) documentDirty or (2) modVariables parameter.

Page 2 of 2