CVE-2025-69770

A zip slip vulnerability in the /DesignTools/SkinList.aspx endpoint of MojoPortal CMS v2.9.0.1 allows attackers to execute arbitrary commands via uploading a crafted zip file...

CVE-2025-69770

A zip slip vulnerability in the /DesignTools/SkinList.aspx endpoint of MojoPortal CMS v2.9.0.1 allows attackers to execute arbitrary commands via uploading a crafted zip file...

CVE-2025-69770

A zip slip vulnerability in the /DesignTools/SkinList.aspx endpoint of MojoPortal CMS v2.9.0.1 allows attackers to execute arbitrary commands via uploading a crafted zip file...

CVE-2022-40123

mojoPortal v2.7 was discovered to contain a path traversal vulnerability via the "f" parameter at /DesignTools/CssEditor.aspx. This vulnerability allows authenticated attackers to read arbitrary files in the system...

CVE-2022-40123

mojoPortal v2.7 was discovered to contain a path traversal vulnerability via the "f" parameter at /DesignTools/CssEditor.aspx. This vulnerability allows authenticated attackers to read arbitrary files in the system...

PT-2022-25227 · Unknown · Mojoportal

Name of the Vulnerable Software and Affected Versions: mojoPortal version 2.7 Description: The issue allows authenticated attackers to read arbitrary files in the system due to a path traversal vulnerability. This vulnerability can be exploited via the f parameter at the...

mojoPortal 路径遍历漏洞

mojoPortal is an open source, object-oriented web architecture WSF and content management system CMS from Joe Audette, an individual developer in the United States. The system provides event calendars, photo albums, file managers, etc. mojoPortal v2.7 version of the path traversal vulnerability,...