CVE-2025-28367 in mojoPortalinformation

Résumé

par MITRE • 21/04/2025

mojoPortal <=2.9.0.1 is vulnerable to Directory Traversal via BetterImageGallery API Controller - ImageHandler Action. An attacker can exploit this vulnerability to access the Web.Config file and obtain the MachineKey.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Responsable

MITRE

Réserver

11/03/2025

Divulgation

21/04/2025

Modérer

accepté

Entrée

VDB-305787

CPE

prêt

EPSS

0.02128

KEV

non

Activités

très faible

Sources

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!