CVE-2025-13816 moxi159753 Mogu Blog v2 ZIP File unzipFile FileOperation.unzip path traversal

A security vulnerability has been detected in moxi159753 Mogu Blog v2 up to 5.2. The impacted element is the function FileOperation.unzip of the file /networkDisk/unzipFile of the component ZIP File Handler. Such manipulation of the argument fileUrl leads to path traversal. The attack may be...

CVE-2025-13814

A security flaw has been discovered in moxi159753 Mogu Blog v2 up to 5.2. Impacted is the function LocalFileServiceImpl.uploadPictureByUrl of the file /file/uploadPicsByUrl. The manipulation results in server-side request forgery. The attack can be launched remotely. The exploit has been released...

CVE-2023-2101

A vulnerability, which was classified as problematic, has been found in moxi624 Mogu Blog v2 up to 5.2. This issue affects the function uploadPictureByUrl of the file /mogu-picture/file/uploadPicsByUrl. The manipulation of the argument urlList leads to absolute path traversal. The attack may be...

CVE-2023-2101

A vulnerability, which was classified as problematic, has been found in moxi624 Mogu Blog v2 up to 5.2. This issue affects the function uploadPictureByUrl of the file /mogu-picture/file/uploadPicsByUrl. The manipulation of the argument urlList leads to absolute path traversal. The attack may be...

CVE-2023-2101 moxi624 Mogu Blog v2 uploadPicsByUrl uploadPictureByUrl absolute path traversal

A vulnerability, which was classified as problematic, has been found in moxi624 Mogu Blog v2 up to 5.2. This issue affects the function uploadPictureByUrl of the file /mogu-picture/file/uploadPicsByUrl. The manipulation of the argument urlList leads to absolute path traversal. The attack may be...

CVE-2023-2101

The CVE-2023-2101 entry concerns moxi624 Mogu Blog v2 up to 5.2, where the function uploadPictureByUrl (file /mogu-picture/file/uploadPicsByUrl) is vulnerable. The issue arises from manipulating the urlList argument, causing absolute path traversal. This may be exploited remotely, and public disc...