Description
MODX Revolution version 2.x - 2.5.6 is vulnerable to blind SQL injection caused by improper sanitization by the escape method resulting in authenticated user accessing database and possibly escalating privileges.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2008-0342 Vulnerability (CVE-2008-0342)
WordPress Plugin Login Widget With Shortcode Cross-Site Request Forgery (3.1.1)
WordPress Plugin File Manager Cross-Site Scripting (7.0)
MySQL CVE-2020-2584 Vulnerability (CVE-2020-2584)
WordPress Plugin SEO Plugin LiveOptim Multiple Vulnerabilities (1.1.8-free)