CVSS: 9.8EPSS: 7%CPEs: 2EXPL: 2CVE-2006-5730 – MODx CMS 0.9.2.1 - 'FCKeditor' Remote File Inclusion
https://notcve.org/view.php?id=CVE-2006-5730
06 Nov 2006 — PHP remote file inclusion vulnerability in manager/media/browser/mcpuk/connectors/php/Commands/Thumbnail.php in Modx CMS 0.9.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the base_path parameter. NOTE: it is possible that this is a vulnerability in FCKeditor. Vulnerabilidad de inclusión remota de archivo en PHP en manager/media/browser/mcpuk/connectors/php/Commands/Thumbnail.php en Modx CMS 0.9.2.1 y anteriores permite a atacantes remotos ejecutar código PHP de su elecci... • https://www.exploit-db.com/exploits/2706 •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2006-1820 – MODx CMS 0.9.1 - 'index.php' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2006-1820
18 Apr 2006 — Cross-site scripting (XSS) vulnerability in index.php in ModX 0.9.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. NOTE: this might be resultant from the directory traversal vulnerability. • https://www.exploit-db.com/exploits/27648 •
CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 1CVE-2006-1821 – MODx CMS 0.9.1 - 'index.php' Directory Traversal
https://notcve.org/view.php?id=CVE-2006-1821
18 Apr 2006 — Directory traversal vulnerability in index.php in ModX 0.9.1 allows remote attackers to read arbitrary files via a .. (dot dot) sequence and trailing NULL (%00) byte in the id parameter. • https://www.exploit-db.com/exploits/27649 •