Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
MODX Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2010-5278 - Vulnerability Database
MODX

MODX Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2010-5278

Medium
Reference: CVE-2010-5278
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2010-5278
Title: MODX Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Overview:

Directory traversal vulnerability in manager/controllers/default/resource/tvs.php in MODx Revolution 2.0.2-pl and possibly earlier when magic_quotes_gpc is disabled allows remote attackers to read arbitrary files via a .. (dot dot) in the class_key parameter. NOTE: some of these details are obtained from third party information.