https://forums.modx.com/thread/?thread=91390 https://forums.modx.com/thread/91390/important-update-to-ajaxsearch-exploit-in-evo-1-0-13-and-prior#dis-post-499942 announced an exploit found in AjaxSearch that could allow a Remote Code Execution in MODX Evolution.

We originally suggested the removal of the index-ajax.php file was a sufficient method to protect your site from vulnerability. It has come to our attention that this was not correct. The correct methods to close this vulnerability are: remove all AjaxSearch files (if you don't use this snippet on your site), upgrade the AjaxSearch files to 1.10.1, or upgrade to Evolution 1.0.14.

Please share this message to ensure every Evo site owner knows.]]> smashingred Jun 10, 2014, 09:22 AM https://forums.modx.com/thread/91390/important-update-to-ajaxsearch-exploit-in-evo-1-0-13-and-prior#dis-post-499942