CVE-2010-5278: Directory traversal vulnerability in

Directory traversal vulnerability in manager/controllers/default/resource/tvs.php in MODx Revolution 2.0.2-pl, and possibly earlier, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the class_key parameter. NOTE: some of these details are obtained from third party information.

• EPSS 9.4% (93.0% percentile)
• CVSS 4.3 medium

Detection rules

• CVE-2010-5278 Exploitation Attempt critical

Browse the CVE database

Read the full analysis on IntelFusions