CVE-2008-0094

Modxcms - Path Traversal

Title source: rule
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2008-0094. PoCs published by AmnPardaz Security Research Team.

AI-analyzed exploit summary This exploit leverages a path traversal vulnerability in MODx to retrieve arbitrary files from the server. The vulnerability arises due to improper sanitization of user-supplied input in the 'file' parameter of 'htcmime.php'.

Description

Multiple directory traversal vulnerabilities in MODx Content Management System 0.9.6.1 allow remote attackers to (1) include and execute arbitrary local files via a .. (dot dot) in the as_language parameter to assets/snippets/AjaxSearch/AjaxSearch.php, reached through index-ajax.php; and (2) read arbitrary local files via a .. (dot dot) in the file parameter to assets/js/htcmime.php.

Exploits (2)

exploitdb WORKING POC VERIFIED
by AmnPardaz Security Research Team · textwebappsphp
https://www.exploit-db.com/exploits/30968

This exploit leverages a path traversal vulnerability in MODx to retrieve arbitrary files from the server. The vulnerability arises due to improper sanitization of user-supplied input in the 'file' parameter of 'htcmime.php'.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: MODx 0.9.6.1
No auth needed
Prerequisites: Access to the vulnerable MODx installation
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by AmnPardaz Security Research Team · textwebappsphp
https://www.exploit-db.com/exploits/30969

This exploit demonstrates a local file inclusion vulnerability in MODx 0.9.6.1 by manipulating the 'as_language' parameter to include arbitrary files via directory traversal. The 'q' parameter is used to specify the file to be included, allowing potential execution of local script code.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: MODx 0.9.6.1
No auth needed
Prerequisites: Access to the target MODx application
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3522
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28220
Various Sources x_refsource_confirm
http://modxcms.com/forums/index.php/topic%2C21290.0.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/39352
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27097
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/485707/100/0/threaded
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27096

Scores

EPSS 0.0323
EPSS Percentile 86.6%

Details

CWE
CWE-22
Status published
Products (1)
modxcms/modxcms 0.9.6.1
Published Jan 08, 2008
Tracked Since Feb 18, 2026