Description
MODX Revolution version <=2.6.4 contains a Directory Traversal vulnerability in /core/model/modx/modmanagerrequest.class.php that can result in remove files. This attack appear to be exploitable via web request via security/login processor. This vulnerability appears to have been fixed in pull 13980.
Remediation
References
Related Vulnerabilities
WordPress 4.8.x PHP Object Injection (4.8 - 4.8.16)
WordPress Plugin Imsanity Unspecified Vulnerability (2.3.3)
WordPress Plugin Contact Form by ContactMe.com Cross-Site Scripting (2.3)
WebLogic CVE-2024-21182 Vulnerability (CVE-2024-21182)
Jboss EAP Incorrect Authorization Vulnerability (CVE-2022-0866)