Vulnerabilities > Mojoportal
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-09-30 | CVE-2022-40341 | Unrestricted Upload of File with Dangerous Type vulnerability in Mojoportal 2.7.0.0 mojoPortal v2.7 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted PNG file. | 8.8 |
2018-02-24 | CVE-2018-7447 | Cross-site Scripting vulnerability in Mojoportal mojoPortal through 2.6.0.0 is prone to multiple persistent cross-site scripting vulnerabilities because it fails to sanitize user-supplied input. | 4.8 |
2018-01-02 | CVE-2017-1000457 | Cross-site Scripting vulnerability in Mojoportal 2.5.0.0 Cross-site scripting (XSS) vulnerability in Help.aspx in mojoPortal version 2.5.0.0 allows remote attackers to inject arbitrary web script or HTML via the helpkey parameter. | 4.8 |