Refine your search
4 vulnerabilities found for MODX Evolution by MODX
jvndb-2011-000009
Vulnerability from jvndb
Published
2011-01-26 15:52
Modified
2011-01-26 15:52
Summary
MODx Evolution vulnerable to directory traversal
Details
MODx Evolution contains a directory traversal vulnerability.
MODx provided by the MODx CMS Project is a Content Management System (CMS) software. MODx contains a directory traversal vulnerability.
References
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000009.html",
"dc:date": "2011-01-26T15:52+09:00",
"dcterms:issued": "2011-01-26T15:52+09:00",
"dcterms:modified": "2011-01-26T15:52+09:00",
"description": "MODx Evolution contains a directory traversal vulnerability.\r\n\r\nMODx provided by the MODx CMS Project is a Content Management System (CMS) software. MODx contains a directory traversal vulnerability.",
"link": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000009.html",
"sec:cpe": {
"#text": "cpe:/a:modx:evolution",
"@product": "MODX Evolution",
"@vendor": "MODX",
"@version": "2.2"
},
"sec:cvss": {
"@score": "5.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2011-000009",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN95385972/index.html",
"@id": "JVN#95385972",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3930",
"@id": "CVE-2010-3930",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3930",
"@id": "CVE-2010-3930",
"@source": "NVD"
},
{
"#text": "http://www.ipa.go.jp/security/english/vuln/201101_MODx_en.html",
"@id": "Security Alert for Vulnerability in MODx Evolution",
"@source": "IPA SECURITY ALERTS"
},
{
"#text": "http://osvdb.org/70772",
"@id": "70772",
"@source": "OSVDB"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-22",
"@title": "Path Traversal(CWE-22)"
}
],
"title": "MODx Evolution vulnerable to directory traversal"
}
jvndb-2011-000008
Vulnerability from jvndb
Published
2011-01-26 15:46
Modified
2011-01-26 15:46
Summary
MODx Evolution vulnerable to SQL injection
Details
MODx Evolution contains a SQL injection vulnerability.
MODx provided by the MODx CMS Project is a Content Management System (CMS) software. MODx Evolution contains SQL injection vulnerability.
References
| Type | URL | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000008.html",
"dc:date": "2011-01-26T15:46+09:00",
"dcterms:issued": "2011-01-26T15:46+09:00",
"dcterms:modified": "2011-01-26T15:46+09:00",
"description": "MODx Evolution contains a SQL injection vulnerability.\r\n\r\nMODx provided by the MODx CMS Project is a Content Management System (CMS) software. MODx Evolution contains SQL injection vulnerability.",
"link": "https://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000008.html",
"sec:cpe": {
"#text": "cpe:/a:modx:evolution",
"@product": "MODX Evolution",
"@vendor": "MODX",
"@version": "2.2"
},
"sec:cvss": {
"@score": "7.5",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2011-000008",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN54092716/index.html",
"@id": "JVN#54092716",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3929",
"@id": "CVE-2010-3929",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3929",
"@id": "CVE-2010-3929",
"@source": "NVD"
},
{
"#text": "http://www-test.ipa.go.jp/about/press/20110126.html",
"@id": "20110126",
"@source": "IPA SECURITY ALERTS"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/65082",
"@id": "65082",
"@source": "XF"
},
{
"#text": "http://osvdb.org/70771",
"@id": "70771",
"@source": "OSVDB"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-89",
"@title": "SQL Injection(CWE-89)"
}
],
"title": "MODx Evolution vulnerable to SQL injection"
}
jvndb-2010-000012
Vulnerability from jvndb
Published
2010-04-08 17:47
Modified
2010-04-08 17:47
Summary
MODx vulnerable to SQL injection
Details
MODx provided by The MODx CMS Project contains a SQL injection vulnerability.
MODx provided by the MODx CMS Project is a Contents Management System (CMS) software. MODx contains a SQL injection vulnerability.
Takeshi Terada of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| Type | URL | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000012.html",
"dc:date": "2010-04-08T17:47+09:00",
"dcterms:issued": "2010-04-08T17:47+09:00",
"dcterms:modified": "2010-04-08T17:47+09:00",
"description": "MODx provided by The MODx CMS Project contains a SQL injection vulnerability.\r\n\r\nMODx provided by the MODx CMS Project is a Contents Management System (CMS) software. MODx contains a SQL injection vulnerability.\r\n\r\nTakeshi Terada of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000012.html",
"sec:cpe": {
"#text": "cpe:/a:modx:evolution",
"@product": "MODX Evolution",
"@vendor": "MODX",
"@version": "2.2"
},
"sec:cvss": {
"@score": "7.5",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2010-000012",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN19774883/index.html",
"@id": "JVN#19774883",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1426",
"@id": "CVE-2010-1426",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1426",
"@id": "CVE-2010-1426",
"@source": "NVD"
},
{
"#text": "http://www.ipa.go.jp/security/english/vuln/201004_modx_en.html",
"@id": "Security Alert for Vulnerability in MODx",
"@source": "IPA SECURITY ALERTS"
},
{
"#text": "http://secunia.com/advisories/39298",
"@id": "SA39298",
"@source": "SECUNIA"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/57636",
"@id": "57636",
"@source": "XF"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-89",
"@title": "SQL Injection(CWE-89)"
}
],
"title": "MODx vulnerable to SQL injection"
}
jvndb-2010-000013
Vulnerability from jvndb
Published
2010-04-08 17:47
Modified
2010-04-08 17:47
Summary
MODx vulnerable to cross-site scripting
Details
MODx provided by The MODx CMS Project contains a cross-site scripting vulnerability.
MODx provided by the MODx CMS Project is a Contents Management System (CMS) software. MODx contains a cross-site scripting vulnerability.
Takeshi Terada of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| Type | URL | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | |
|---|---|---|
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000013.html",
"dc:date": "2010-04-08T17:47+09:00",
"dcterms:issued": "2010-04-08T17:47+09:00",
"dcterms:modified": "2010-04-08T17:47+09:00",
"description": "MODx provided by The MODx CMS Project contains a cross-site scripting vulnerability.\r\n\r\nMODx provided by the MODx CMS Project is a Contents Management System (CMS) software. MODx contains a cross-site scripting vulnerability.\r\n\r\nTakeshi Terada of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-000013.html",
"sec:cpe": {
"#text": "cpe:/a:modx:evolution",
"@product": "MODX Evolution",
"@vendor": "MODX",
"@version": "2.2"
},
"sec:cvss": {
"@score": "4.3",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2010-000013",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN46669729/index.html",
"@id": "JVN#46669729",
"@source": "JVN"
},
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1427",
"@id": "CVE-2010-1427",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1427",
"@id": "CVE-2010-1427",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/39298",
"@id": "SA39298",
"@source": "SECUNIA"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/57635",
"@id": "57635",
"@source": "XF"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-79",
"@title": "Cross-site Scripting(CWE-79)"
}
],
"title": "MODx vulnerable to cross-site scripting"
}