CVE Vulnerabilities

CVE-2006-5730

Published: Nov 06, 2006 | Modified: Oct 19, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5.1 MEDIUM
AV:N/AC:H/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

PHP remote file inclusion vulnerability in manager/media/browser/mcpuk/connectors/php/Commands/Thumbnail.php in Modx CMS 0.9.2.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the base_path parameter. NOTE: it is possible that this is a vulnerability in FCKeditor.

Affected Software

Name Vendor Start Version End Version
Modxcms Modxcms 0.9.1 0.9.1
Modxcms Modxcms * 0.9.2.1

References