CVE-2018-1000208

NONE EPSS 77.4%
Published Jul 13, 20187y ago · Modified Jun 17, 20262w ago
Find Similar
Published Jul 13, 2018 7y ago
Last Modified Jun 17, 2026 2w ago

Description

MODX Revolution version <=2.6.4 contains a Directory Traversal vulnerability in /core/model/modx/modmanagerrequest.class.php that can result in remove files. This attack appear to be exploitable via web request via security/login processor. This vulnerability appears to have been fixed in pull 13980.

Threat Intelligence

EPSS Exploit Probability
77.4% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-22 Path Traversal Resource Mgmt

Affected Products 1

VendorProductVersionRange
modxmodx_revolution* ≤2.6.4

References 1

  • github.com https://github.com/modxcms/revolution/pull/13980
    ExploitThird Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.