Description
MODX Revolution version 2.x - 2.5.6 is vulnerable to blind SQL injection caused by improper sanitization by the escape method resulting in authenticated user accessing database and possibly escalating privileges.
Remediation
References
Related Vulnerabilities
ownCloud Improper Restriction of XML External Entity Reference Vulnerability (CVE-2014-2052)
Django Improper Input Validation Vulnerability (CVE-2023-31047)
WordPress Plugin Nelio AB Testing Server-Side Request Forgery (4.5.10)
WordPress Plugin File Browser, Manager, Backup (+ Database) Security Bypass (1.23)