Vendor CVEs
Modx
All CVEs
53 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-5941 | 0.00 | — | 0.00 | Jan 22, 2009 | Cross-site request forgery (CSRF) vulnerability in MODx 0.9.6.1p2 and earlier allows remote attackers to perform unauthorized actions as other users via unknown vectors. | |||
| CVE-2008-5940 | 0.00 | — | 0.01 | Jan 22, 2009 | SQL injection vulnerability in index.php in MODx 0.9.6.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the searchid parameter. NOTE: some of these details are obtained from third party information. | |||
| CVE-2007-5371 | 0.00 | — | 0.01 | Oct 11, 2007 | Multiple SQL injection vulnerabilities in mutate_content.dynamic.php in MODx 0.9.6 allow remote attackers to execute arbitrary SQL commands via the (1) documentDirty or (2) modVariables parameter. |
- CVE-2008-5941Jan 22, 2009risk 0.00cvss —epss 0.00
Cross-site request forgery (CSRF) vulnerability in MODx 0.9.6.1p2 and earlier allows remote attackers to perform unauthorized actions as other users via unknown vectors.
- CVE-2008-5940Jan 22, 2009risk 0.00cvss —epss 0.01
SQL injection vulnerability in index.php in MODx 0.9.6.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the searchid parameter. NOTE: some of these details are obtained from third party information.
- CVE-2007-5371Oct 11, 2007risk 0.00cvss —epss 0.01
Multiple SQL injection vulnerabilities in mutate_content.dynamic.php in MODx 0.9.6 allow remote attackers to execute arbitrary SQL commands via the (1) documentDirty or (2) modVariables parameter.
Page 2 of 2