CVE-2025-69770
Published
CVSS v3
10
CRITICAL
CVSS v2
N/A
Affected
2
PROJECTS
Description
A zip slip vulnerability in the /DesignTools/SkinList.aspx endpoint of MojoPortal CMS v2.9.0.1 allows attackers to execute arbitrary commands via uploading a crafted zip file.
mojoPortal is an extensible, cross database, mobile friendly, web content management system (CMS) and web application framework written in C# ASP.NET.
GitHubGitHub