Description
MODX Revolution through 2.8.3-pl allows remote authenticated administrators to execute arbitrary code by uploading an executable file, because the Uploadable File Types setting can be changed by an administrator.
Remediation
References
Related Vulnerabilities
WordPress Plugin Verify Google Webmaster Tools Unspecified Vulnerability (1.3)
Moodle Improper Authentication Vulnerability (CVE-2013-2245)
WordPress Plugin RestroPress-Online Food Ordering System Cross-Site Request Forgery (2.8.2)
Oracle Database Server CVE-2008-2590 Vulnerability (CVE-2008-2590)
WordPress Plugin User Avatar Unspecified Vulnerability (1.4.6)