Security Advisory

CVE-2019-1010123

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-07-23 12:36:44

Last updated 2024-08-05 03:07:18

Assigner dwf

State PUBLISHED

Description

MODX Revolution Gallery 1.7.0 is affected by: CWE-434: Unrestricted Upload of File with Dangerous Type. The impact is: Creating file with custom a filename and content. The component is: Filtering user parameters before passing them into phpthumb class. The attack vector is: web request via /assets/components/gallery/connector.php.

← Browse all CVEs View on cve.org ↗