CVE-2018-1000208
NONE EPSS 77.4%
Published Jul 13, 20187y ago · Modified Jun 17, 20262w ago
Published Jul 13, 2018 7y ago
Last Modified Jun 17, 2026 2w ago
Description
MODX Revolution version <=2.6.4 contains a Directory Traversal vulnerability in /core/model/modx/modmanagerrequest.class.php that can result in remove files. This attack appear to be exploitable via web request via security/login processor. This vulnerability appears to have been fixed in pull 13980.
Threat Intelligence
EPSS Exploit Probability
77.4% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available
Weaknesses 1
CWE-22 Path Traversal Resource Mgmt
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| modx | modx_revolution | * | ≤2.6.4 |
References 1
- github.com https://github.com/modxcms/revolution/pull/13980
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.