mojoPortal v.2.7.0.0 - Cross-Site Scripting

Cross Site Scripting vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the helpkey parameter in the Help.aspx component. id: CVE-2023-44012 info: name: mojoPortal v.2.7.0.0 - Cross-Site Scripting author: ritikchaddha severity: medium description: | Cross...

mojoPortal 2.7.0.0 - Cross-Site Scripting

mojoPortal 2.7.0.0 contains a cross-site scripting vulnerability in the FileDialog.aspx component, which can allow an attacker to execute arbitrary web scripts or HTML via a crafted payload injected into the ed and tbi parameters. id: CVE-2023-24322 info: name: mojoPortal 2.7.0.0 - Cross-Site...

mojoPortal <=2.9.0.1 - Directory Traversal

mojoPortal =2.9.0.1 is vulnerable to Directory Traversal via BetterImageGallery API Controller - ImageHandler Action. An attacker can exploit this vulnerability to access the Web.Config file and obtain the MachineKey. id: CVE-2025-28367 info: name: mojoPortal =2.9.0.1 - Directory Traversal author...

CVE-2025-69770

A zip slip vulnerability in the /DesignTools/SkinList.aspx endpoint of MojoPortal CMS v2.9.0.1 allows attackers to execute arbitrary commands via uploading a crafted zip file...

CVE-2025-69770

A zip slip vulnerability in the /DesignTools/SkinList.aspx endpoint of MojoPortal CMS v2.9.0.1 allows attackers to execute arbitrary commands via uploading a crafted zip file...

CVE-2025-69770

A zip slip vulnerability in the /DesignTools/SkinList.aspx endpoint of MojoPortal CMS v2.9.0.1 allows attackers to execute arbitrary commands via uploading a crafted zip file...

PT-2026-8017

Name of the Vulnerable Software and Affected Versions MojoPortal CMS version 2.9.0.1 Description A zip slip vulnerability exists in the /DesignTools/SkinList.aspx API endpoint of the software. This allows attackers to execute arbitrary commands by uploading a specially crafted zip file. The zip...

CVE-2025-69770

MojoPortal CMS v2.9.0.1 is affected by a zip-slip vulnerability in the /DesignTools/SkinList.aspx endpoint that allows arbitrary command execution via uploaded crafted ZIP files. The issue arises from improper ZIP handling, enabling unintended file extraction with high impact (CVE-2025-69770). Re...

CVE-2025-69770

A zip slip vulnerability in the /DesignTools/SkinList.aspx endpoint of MojoPortal CMS v2.9.0.1 allows attackers to execute arbitrary commands via uploading a crafted zip file...

CVE-2025-69770

A zip slip vulnerability in the /DesignTools/SkinList.aspx endpoint of MojoPortal CMS v2.9.0.1 allows attackers to execute arbitrary commands via uploading a crafted zip file...

MojoPortal CMS 安全漏洞

MojoPortal CMS is a content management system developed by MojoPortal Corporation. Version 2.9.0.1 of MojoPortal CMS has a security vulnerability. This vulnerability stems from a zip slip vulnerability present in the /DesignTools/SkinList.aspx endpoint, which may allow arbitrary commands to be...

EUVD-2013-5160

Malware in sbrugna...

EUVD-2010-3599

Malware in sbrugna...

EUVD-2017-1584

Malware in sbrugna...

EUVD-2010-3598

Malware in sbrugna...

EUVD-2023-28699

Malicious code in bioql PyPI...

EUVD-2022-43632

Malicious code in bioql PyPI...

EUVD-2023-28698

Malicious code in bioql PyPI...

EUVD-2023-48368

Malicious code in bioql PyPI...

EUVD-2025-12357

Malicious code in bioql PyPI...