CVE-2017-9067

Published: 2017-05-18T16:29Z

Last Modified: 2024-11-21T03:35Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

In MODX Revolution before 2.5.7, when PHP 5.3.3 is used, an attacker is able to include and execute arbitrary files on the web server due to insufficient validation of the action parameter to setup/index.php, aka directory traversal. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt