Vulnerabilities > Mozilo
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-09-10 | CVE-2024-44871 | Unrestricted Upload of File with Dangerous Type vulnerability in Mozilo Mozilocms 3.0 An arbitrary file upload vulnerability in the component /admin/index.php of moziloCMS v3.0 allows attackers to execute arbitrary code via uploading a crafted file. | 7.2 |
2024-09-10 | CVE-2024-44872 | Cross-site Scripting vulnerability in Mozilo Mozilocms 3.0 A reflected cross-site scripting (XSS) vulnerability in moziloCMS v3.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload. | 6.1 |
2022-02-03 | CVE-2022-23357 | Path Traversal vulnerability in Mozilo Mozilocms 2.0 mozilo2.0 was discovered to be vulnerable to directory traversal attacks via the parameter curent_dir. | 9.1 |
2021-07-09 | CVE-2020-25394 | Cross-site Scripting vulnerability in Mozilo Mozilocms 2.0 A stored cross site scripting (XSS) vulnerability in moziloCMS 2.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Content" parameter. | 5.4 |