Vulnerabilities > Mojoportal

DATE CVE VULNERABILITY TITLE RISK
2022-09-30 CVE-2022-40341 Unrestricted Upload of File with Dangerous Type vulnerability in Mojoportal 2.7.0.0
mojoPortal v2.7 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted PNG file.
network
low complexity
mojoportal CWE-434
8.8
2018-02-24 CVE-2018-7447 Cross-site Scripting vulnerability in Mojoportal
mojoPortal through 2.6.0.0 is prone to multiple persistent cross-site scripting vulnerabilities because it fails to sanitize user-supplied input.
network
low complexity
mojoportal CWE-79
4.8
2018-01-02 CVE-2017-1000457 Cross-site Scripting vulnerability in Mojoportal 2.5.0.0
Cross-site scripting (XSS) vulnerability in Help.aspx in mojoPortal version 2.5.0.0 allows remote attackers to inject arbitrary web script or HTML via the helpkey parameter.
network
mojoportal CWE-79
3.5