本ページは modx revolution に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2022-26149 | MODX Revolution through 2.8.3-pl allows remote authenticated administrators to execute arbitrary code by uploading an executable file, because the Uploadable File Types setting can be changed by an administrator. | [email protected] | 7.2 | 9.31% | 2022-02-26 | 2024-11-21 |
| CVE-2017-1000067 | MODX Revolution version 2.x - 2.5.6 is vulnerable to blind SQL injection caused by improper sanitization by the escape method resulting in authenticated user accessing database and possibly escalating privileges. | [email protected] | 8.8 | 1.11% | 2017-07-17 | 2026-05-13 |
| CVE-2010-4883 | Cross-site scripting (XSS) vulnerability in manager/index.php in MODx Revolution 2.0.2-pl allows remote attackers to inject arbitrary web script or HTML via the modhash parameter. | [email protected] | 2.6 | 1.98% | 2011-10-07 | 2026-04-29 |