Lucene search
K

22 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2010-3599

Malware in sbrugna...

6.8CVSS6.4AI score0.02457EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-12357

Malicious code in bioql PyPI...

6.5CVSS9AI score0.02128EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-28379

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.012EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2023-48368

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.01395EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-43442

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00985EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 4:26 a.m.6 views

CVE-2023-44008

File Upload vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the File Manager function...

9.8CVSS7.8AI score0.01285EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 4:26 a.m.6 views

CVE-2023-44012

Cross Site Scripting vulnerability in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via the helpkey parameter in the Help.aspx component...

6.1CVSS7.3AI score0.01258EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 4:26 a.m.9 views

CVE-2023-44011

An issue in mojoPortal v.2.7.0.0 allows a remote attacker to execute arbitrary code via a crafted script to the layout.master skin file at the Skin management component...

9.8CVSS7.8AI score0.01389EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 3:22 a.m.9 views

CVE-2023-24689

An issue in Mojoportal v2.7.0.0 and below allows an authenticated attacker to list all css files inside the root path of the webserver via manipulation of the "s" parameter in /DesignTools/ManageSkin.aspx...

4.3CVSS6.8AI score0.00729EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:21 a.m.6 views

CVE-2023-24322

A reflected cross-site scripting XSS vulnerability in the FileDialog.aspx component of mojoPortal v2.7.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ed and tbi parameters...

6.1CVSS5.7AI score0.31714EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:59 a.m.8 views

CVE-2017-1000457

Cross-site scripting XSS vulnerability in Help.aspx in mojoPortal version 2.5.0.0 allows remote attackers to inject arbitrary web script or HTML via the helpkey parameter. Exploitation requires authenticated reflected cross-site scripting for user accounts assigned either the "Administrators" or...

4.8CVSS5.5AI score0.00819EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/04/26 5:23 a.m.8 views

CVE-2025-28367

mojoPortal =2.9.0.1 is vulnerable to Directory Traversal via BetterImageGallery API Controller - ImageHandler Action. An attacker can exploit this vulnerability to access the Web.Config file and obtain the MachineKey...

6.5CVSS6.8AI score0.02128EPSS
Exploits1References1
NVD
NVD
added 2025/04/21 4:15 p.m.19 views

CVE-2025-28367

mojoPortal =2.9.0.1 is vulnerable to Directory Traversal via BetterImageGallery API Controller - ImageHandler Action. An attacker can exploit this vulnerability to access the Web.Config file and obtain the MachineKey...

6.5CVSS0.02128EPSS
Exploits1References2
OSV
OSV
added 2025/04/21 12:0 a.m.6 views

CVE-2025-28367

mojoPortal =2.9.0.1 is vulnerable to Directory Traversal via BetterImageGallery API Controller - ImageHandler Action. An attacker can exploit this vulnerability to access the Web.Config file and obtain the MachineKey...

6.5CVSS7AI score0.02128EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/04/21 12:0 a.m.6 views

CVE-2025-28367

mojoPortal =2.9.0.1 is vulnerable to Directory Traversal via BetterImageGallery API Controller - ImageHandler Action. An attacker can exploit this vulnerability to access the Web.Config file and obtain the MachineKey...

6.4AI score0.02128EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/04/21 12:0 a.m.15 views

CVE-2025-28367

mojoPortal =2.9.0.1 is vulnerable to Directory Traversal via BetterImageGallery API Controller - ImageHandler Action. An attacker can exploit this vulnerability to access the Web.Config file and obtain the MachineKey...

0.02128EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/04/21 12:0 a.m.6 views

PT-2025-17446 · Unknown · Mojoportal

Name of the Vulnerable Software and Affected Versions: mojoPortal versions 2.9.0.1 and earlier Description: The issue allows an attacker to perform a Directory Traversal attack via the BetterImageGallery API Controller, specifically through the ImageHandler action. This can lead to unauthorized...

6.5CVSS9.2AI score0.02128EPSS
Exploits1References8
CVE
CVE
added 2025/04/21 12:0 a.m.127 views

CVE-2025-28367

mojoPortal

6.5CVSS7AI score0.02128EPSS
In wildExploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/09 12:0 a.m.5 views

CVE-2023-24322

A reflected cross-site scripting XSS vulnerability in the FileDialog.aspx component of mojoPortal v2.7.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ed and tbi parameters...

5.9AI score0.31714EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/02/09 12:0 a.m.5 views

CVE-2023-24689

An issue in Mojoportal v2.7.0.0 and below allows an authenticated attacker to list all css files inside the root path of the webserver via manipulation of the "s" parameter in /DesignTools/ManageSkin.aspx...

7AI score0.00729EPSS
Exploits1References2
Rows per page
Query Builder