Lucene search
+L

6 matches found

Cvelist
Cvelist
added 2025/12/01 8:32 a.m.18 views

CVE-2025-13816 moxi159753 Mogu Blog v2 ZIP File unzipFile FileOperation.unzip path traversal

A security vulnerability has been detected in moxi159753 Mogu Blog v2 up to 5.2. The impacted element is the function FileOperation.unzip of the file /networkDisk/unzipFile of the component ZIP File Handler. Such manipulation of the argument fileUrl leads to path traversal. The attack may be...

6.5CVSS0.00552EPSS
Exploits1References5
OSV
OSV
added 2025/12/01 7:32 a.m.7 views

CVE-2025-13814 moxi159753 Mogu Blog v2 uploadPicsByUrl LocalFileServiceImpl.uploadPictureByUrl server-side request forgery

A security flaw has been discovered in moxi159753 Mogu Blog v2 up to 5.2. Impacted is the function LocalFileServiceImpl.uploadPictureByUrl of the file /file/uploadPicsByUrl. The manipulation results in server-side request forgery. The attack can be launched remotely. The exploit has been released...

6.9CVSS5.6AI score0.00461EPSS
Exploits1References7
NVD
NVD
added 2023/04/15 1:15 p.m.19 views

CVE-2023-2101

A vulnerability, which was classified as problematic, has been found in moxi624 Mogu Blog v2 up to 5.2. This issue affects the function uploadPictureByUrl of the file /mogu-picture/file/uploadPicsByUrl. The manipulation of the argument urlList leads to absolute path traversal. The attack may be...

6.5CVSS5.1AI score0.00846EPSS
Exploits1References4
OSV
OSV
added 2023/04/15 12:31 p.m.15 views

CVE-2023-2101 moxi624 Mogu Blog v2 uploadPicsByUrl uploadPictureByUrl absolute path traversal

A vulnerability, which was classified as problematic, has been found in moxi624 Mogu Blog v2 up to 5.2. This issue affects the function uploadPictureByUrl of the file /mogu-picture/file/uploadPicsByUrl. The manipulation of the argument urlList leads to absolute path traversal. The attack may be...

4.3CVSS5.3AI score0.00846EPSS
Exploits1References6
Cvelist
Cvelist
added 2023/04/15 12:31 p.m.28 views

CVE-2023-2101 moxi624 Mogu Blog v2 uploadPicsByUrl uploadPictureByUrl absolute path traversal

A vulnerability, which was classified as problematic, has been found in moxi624 Mogu Blog v2 up to 5.2. This issue affects the function uploadPictureByUrl of the file /mogu-picture/file/uploadPicsByUrl. The manipulation of the argument urlList leads to absolute path traversal. The attack may be...

4.3CVSS6.7AI score0.00846EPSS
Exploits1References4
CVE
CVE
added 2023/04/15 12:31 p.m.47 views

CVE-2023-2101

The CVE-2023-2101 entry concerns moxi624 Mogu Blog v2 up to 5.2, where the function uploadPictureByUrl (file /mogu-picture/file/uploadPicsByUrl) is vulnerable. The issue arises from manipulating the urlList argument, causing absolute path traversal. This may be exploited remotely, and public disc...

6.5CVSS5.5AI score0.00846EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder