Vulnerabilities > Mozilo

DATE CVE VULNERABILITY TITLE RISK
2024-09-10 CVE-2024-44871 Unrestricted Upload of File with Dangerous Type vulnerability in Mozilo Mozilocms 3.0
An arbitrary file upload vulnerability in the component /admin/index.php of moziloCMS v3.0 allows attackers to execute arbitrary code via uploading a crafted file.
network
low complexity
mozilo CWE-434
7.2
2024-09-10 CVE-2024-44872 Cross-site Scripting vulnerability in Mozilo Mozilocms 3.0
A reflected cross-site scripting (XSS) vulnerability in moziloCMS v3.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.
network
low complexity
mozilo CWE-79
6.1
2022-02-03 CVE-2022-23357 Path Traversal vulnerability in Mozilo Mozilocms 2.0
mozilo2.0 was discovered to be vulnerable to directory traversal attacks via the parameter curent_dir.
network
low complexity
mozilo CWE-22
critical
9.1
2021-07-09 CVE-2020-25394 Cross-site Scripting vulnerability in Mozilo Mozilocms 2.0
A stored cross site scripting (XSS) vulnerability in moziloCMS 2.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Content" parameter.
network
low complexity
mozilo CWE-79
5.4