CVE-2025-69770

A zip slip vulnerability in the /DesignTools/SkinList.aspx endpoint of MojoPortal CMS v2.9.0.1 allows attackers to execute arbitrary commands via uploading a crafted zip file...

PT-2026-8017

Name of the Vulnerable Software and Affected Versions MojoPortal CMS version 2.9.0.1 Description A zip slip vulnerability exists in the /DesignTools/SkinList.aspx API endpoint of the software. This allows attackers to execute arbitrary commands by uploading a specially crafted zip file. The zip...

CVE-2025-69770

MojoPortal CMS v2.9.0.1 is affected by a zip-slip vulnerability in the /DesignTools/SkinList.aspx endpoint that allows arbitrary command execution via uploaded crafted ZIP files. The issue arises from improper ZIP handling, enabling unintended file extraction with high impact (CVE-2025-69770). Re...

CVE-2025-69770

A zip slip vulnerability in the /DesignTools/SkinList.aspx endpoint of MojoPortal CMS v2.9.0.1 allows attackers to execute arbitrary commands via uploading a crafted zip file...

MojoPortal CMS 安全漏洞

MojoPortal CMS is a content management system developed by MojoPortal Corporation. Version 2.9.0.1 of MojoPortal CMS has a security vulnerability. This vulnerability stems from a zip slip vulnerability present in the /DesignTools/SkinList.aspx endpoint, which may allow arbitrary commands to be...