mozilo

Top products

The 15 most recently published vulnerabilities affecting mozilo.

• CVE-2024-44872A reflected cross-site scripting (XSS) vulnerability in moziloCMS v3.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.6.1Sep 10, 2024
• CVE-2024-44871An arbitrary file upload vulnerability in the component /admin/index.php of moziloCMS v3.0 allows attackers to execute arbitrary code via uploading a crafted file.7.2Sep 10, 2024
• CVE-2024-29368An arbitrary file upload vulnerability in the file handling module of moziloCMS v2.0 allows attackers to bypass extension restrictions via file renaming, potentially leading to unauthorized file ex...6.5Apr 22, 2024
• CVE-2024-2245Cross-Site Scripting vulnerability in moziloCMS5.4Mar 7, 2024
• CVE-2022-23357mozilo2.0 was discovered to be vulnerable to directory traversal attacks via the parameter curent_dir.9.1Feb 3, 2022
• CVE-2020-25394A stored cross site scripting (XSS) vulnerability in moziloCMS 2.0 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Content" parameter.5.4Jul 9, 2021
• CVE-2009-4209Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php in moziloCMS 1.11.1 allow remote attackers to inject arbitrary web script or HTML via the (1) cat and (2) file parameters in a...4.3Dec 4, 2009
• CVE-2009-1369moziloCMS 1.11 allows remote attackers to obtain sensitive information via the (1) gal[] parameter to gallery.php, (2) page[] and (3) cat[] parameter to index.php, or (4) file[] parameter to downlo...5.0Apr 22, 2009
• CVE-2009-1368Directory traversal vulnerability in index.php in moziloCMS 1.11 allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter. NOTE: this might be the same issue as CVE...7.5Apr 22, 2009
• CVE-2009-1367Cross-site scripting (XSS) vulnerability in index.php in moziloCMS 1.11 allows remote attackers to inject arbitrary web script or HTML via the query parameter in search action, a different issue th...4.3Apr 22, 2009
• CVE-2008-6131Session fixation vulnerability in moziloWiki 1.0.1 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.6.0Feb 13, 2009
• CVE-2008-6130Cross-site scripting (XSS) vulnerability in index.php in moziloWiki 1.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) action and (2) page parameters.4.3Feb 13, 2009
• CVE-2008-6129Directory traversal vulnerability in print.php in moziloWiki 1.0.1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the page parameter.4.3Feb 13, 2009
• CVE-2008-6128Session fixation vulnerability in moziloCMS 1.10.2 and earlier allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.6.8Feb 13, 2009
• CVE-2008-6127Multiple cross-site scripting (XSS) vulnerabilities in moziloCMS 1.10.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) page and (2) query parameters to (a) in...4.3Feb 13, 2009