CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Mojoportal: >> Mojoportal >> 2.9.0.1 Security Vulnerabilities

CVE-2025-28367

mojoPortal <=2.9.0.1 is vulnerable to Directory Traversal via BetterImageGallery API Controller - ImageHandler Action. An attacker can exploit this vulnerability to access the Web.Config file and obtain the MachineKey.

CVSS Score

6.5

EPSS Score

0.077

Published

2025-04-21

Page 1

Vulnerabilities

Vulnerable Software

Mojoportal: >> Mojoportal >> 2.9.0.1 Security Vulnerabilities

Products

Pricing

Contact Us