Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
MODX Unrestricted Upload of File with Dangerous Type Vulnerability - CVE-2022-26149 - Vulnerability Database
MODX

MODX Unrestricted Upload of File with Dangerous Type Vulnerability - CVE-2022-26149

High
Reference: CVE-2022-26149
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2022-26149
Title: MODX Unrestricted Upload of File with Dangerous Type Vulnerability
Overview:

MODX Revolution through 2.8.3-pl allows remote authenticated administrators to execute arbitrary code by uploading an executable file because the Uploadable File Types setting can be changed by an administrator.