Page 4 of 31 results (0.001 seconds)
CVSS: 7.5EPSS: 23%CPEs: 1EXPL: 1
CVSS: 7.5EPSS: 23%CPEs: 1EXPL: 1CVE-2010-5278 – MODx manager - '/controllers/default/resource/tvs.php?class_key' Traversal Local File Inclusion
https://notcve.org/view.php?id=CVE-2010-5278
07 Oct 2012 — Directory traversal vulnerability in manager/controllers/default/resource/tvs.php in MODx Revolution 2.0.2-pl, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the class_key parameter. NOTE: some of these details are obtained from third party information. Vulnerabilidad de salto de directorio en manager/controllers/default/resource/tvs.php n MODx Revolution v2.0.2-pl, y posiblemente anteriores, cuando está deshabilitado magic_quot... • https://www.exploit-db.com/exploits/34788 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •