← back
CVE-2007-0659

CVE-2007-0659

EPSS 1.4%
download.php in the MuddyDogPaws FileDownload snippet before 2.5 for MODx allows remote attackers to download arbitrary files, as demonstrated by downloading config.inc.php to obtain database credentials.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://modxcms.com/forums/index.php/topic%2C10470.0.htmlhttp://secunia.com/advisories/23953http://www.muddydogpaws.com/Home.htmlhttp://www.securityfocus.com/bid/22327http://www.vupen.com/english/advisories/2007/0426