exploitDog

CVE-2022-40123

Опубликовано: 03 окт. 2022

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

mojoPortal v2.7 was discovered to contain a path traversal vulnerability via the "f" parameter at /DesignTools/CssEditor.aspx. This vulnerability allows authenticated attackers to read arbitrary files in the system.

Ссылки

http://mojoportal.com
Product
https://weed-1.gitbook.io/cve/mojoportal/directory-traversal-in-mojoportal-v2.7-cve-2022-40123
Exploit
Third Party Advisory
http://mojoportal.com
Product
https://weed-1.gitbook.io/cve/mojoportal/directory-traversal-in-mojoportal-v2.7-cve-2022-40123
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mojoportal:mojoportal:2.7.0.0:*:*:*:*:*:*:*

EPSS

Процентиль: 76%

0.00934

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-22

Связанные уязвимости

GHSA-34xx-8783-75f7

CVSS3: 6.5

github

больше 3 лет назад

mojoPortal v2.7 was discovered to contain a path traversal vulnerability via the "f" parameter at /DesignTools/CssEditor.aspx. This vulnerability allows authenticated attackers to read arbitrary files in the system.

EPSS

Процентиль: 76%

0.00934

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-22