Skip to main content

Mozilocms

4 CVEs product

Monthly

CVE-2024-44872 MEDIUM POC This Month

A reflected cross-site scripting (XSS) vulnerability in moziloCMS v3.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Mozilocms
NVD GitHub
CVSS 3.1
6.1
EPSS
0.4%
CVE-2024-44871 HIGH POC THREAT This Week

An arbitrary file upload vulnerability in the component /admin/index.php of moziloCMS v3.0 allows attackers to execute arbitrary code via uploading a crafted file. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP File Upload Mozilocms
NVD GitHub Exploit-DB
CVSS 3.1
7.2
EPSS
16.2%
CVE-2024-29368 MEDIUM POC This Month

An arbitrary file upload vulnerability in the file handling module of moziloCMS v2.0 allows attackers to bypass extension restrictions via file renaming, potentially leading to unauthorized file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Mozilocms
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
CVE-2024-2245 MEDIUM This Month

Cross-Site Scripting vulnerability in moziloCMS version 2.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Mozilocms
NVD
CVSS 3.1
6.1
EPSS
0.3%
EPSS 0% CVSS 6.1
MEDIUM POC This Month

A reflected cross-site scripting (XSS) vulnerability in moziloCMS v3.0 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE XSS Mozilocms
NVD GitHub
EPSS 16% CVSS 7.2
HIGH POC THREAT This Week

An arbitrary file upload vulnerability in the component /admin/index.php of moziloCMS v3.0 allows attackers to execute arbitrary code via uploading a crafted file. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP File Upload +1
NVD GitHub Exploit-DB
EPSS 1% CVSS 6.5
MEDIUM POC This Month

An arbitrary file upload vulnerability in the file handling module of moziloCMS v2.0 allows attackers to bypass extension restrictions via file renaming, potentially leading to unauthorized file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Mozilocms
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM This Month

Cross-Site Scripting vulnerability in moziloCMS version 2.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP XSS Mozilocms
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy