The remote web server is hosting a web application that is vulnerable to multiple attack vectors.
The remote web server is hosting MODx, a content management system written in PHP. The installed version of MODx is earlier than 1.0.3. Such versions are potentially affected by multiple vulnerabilities : - A cross-site scripting vulnerability in the 'SearchHighlight' plugin. (CVE-2010-1427) - A SQL-injection vulnerability related to WebLogin. (CVE-2010-1426)