CVE-2025-13816
- EPSS 0.15%
- Veröffentlicht 01.12.2025 08:32:05
- Zuletzt bearbeitet 03.12.2025 22:02:11
A security vulnerability has been detected in moxi159753 Mogu Blog v2 up to 5.2. The impacted element is the function FileOperation.unzip of the file /networkDisk/unzipFile of the component ZIP File Handler. Such manipulation of the argument fileUrl ...
CVE-2025-13815
- EPSS 0.05%
- Veröffentlicht 01.12.2025 08:02:05
- Zuletzt bearbeitet 03.12.2025 22:02:30
A weakness has been identified in moxi159753 Mogu Blog v2 up to 5.2. The affected element is an unknown function of the file /file/pictures. This manipulation of the argument filedatas causes unrestricted upload. The attack may be initiated remotely....
CVE-2025-13814
- EPSS 0.06%
- Veröffentlicht 01.12.2025 07:32:06
- Zuletzt bearbeitet 03.12.2025 22:02:40
A security flaw has been discovered in moxi159753 Mogu Blog v2 up to 5.2. Impacted is the function LocalFileServiceImpl.uploadPictureByUrl of the file /file/uploadPicsByUrl. The manipulation results in server-side request forgery. The attack can be l...
CVE-2025-13813
- EPSS 0.06%
- Veröffentlicht 01.12.2025 07:16:01
- Zuletzt bearbeitet 03.12.2025 22:02:55
A vulnerability was identified in moxi159753 Mogu Blog v2 up to 5.2. This issue affects some unknown processing of the file /storage/ of the component Storage Management Endpoint. The manipulation leads to missing authorization. The attack can be ini...
CVE-2023-2101
- EPSS 0.16%
- Veröffentlicht 15.04.2023 13:15:45
- Zuletzt bearbeitet 21.11.2024 07:57:56
A vulnerability, which was classified as problematic, has been found in moxi624 Mogu Blog v2 up to 5.2. This issue affects the function uploadPictureByUrl of the file /mogu-picture/file/uploadPicsByUrl. The manipulation of the argument urlList leads ...
CVE-2022-30517
- EPSS 0.22%
- Veröffentlicht 12.07.2022 23:15:12
- Zuletzt bearbeitet 21.11.2024 07:02:51
Mogu blog 5.2 is vulnerable to Cross Site Scripting (XSS).