CVE-2010-3930

MODx Evolution < 1.0.4 - Path Traversal via AjaxSearch

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in MODx Evolution 1.0.4 and earlier allows remote attackers to read arbitrary files via unspecified vectors related to AjaxSearch, a different vulnerability than CVE-2010-1427.

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/70772
Third Party Advisory third-party-advisory x_refsource_jvndb
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000009.html
Various Sources x_refsource_confirm
http://modxcms.com/forums/index.php/topic%2C60045.0.html
Third Party Advisory third-party-advisory x_refsource_jvn
http://jvn.jp/en/jp/JVN95385972/index.html

Scores

EPSS 0.0239
EPSS Percentile 81.9%

Details

CWE
CWE-22
Status published
Products (10)
modxcms/evolution 0.9.0
modxcms/evolution 0.9.1
modxcms/evolution 0.9.2.1
modxcms/evolution 0.9.5
modxcms/evolution 0.9.6
modxcms/evolution 0.9.6.1 (2 CPE variants)
modxcms/evolution 0.9.6.2
modxcms/evolution 1.0.2
modxcms/evolution 1.0.3
modxcms/evolution < 1.0.4
Published Feb 02, 2011
Tracked Since Feb 18, 2026