Description

SQL injection vulnerability in modx.class.php in MODX Revolution 2.0.0 before 2.2.13 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Remediation

References

CVE-2014-2311

Related Vulnerabilities

phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-4219)

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-14718)

Squid Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2005-0211)

WordPress Plugin Mini Mail Dashboard Widget 'abspath' Parameter Remote File Include (1.36)

WordPress Plugin Popups, Welcome Bar, Optins and Lead Generation-Icegram Cross-Site Scripting (1.10.28.2)

Severity

High

Classification

CVE-2014-2311 CWE-138

Tags

Missing Update Known Vulnerabilities