Unrated severityNVD Advisory· Published Apr 21, 2025· Updated Apr 21, 2025
CVE-2025-28367
CVE-2025-28367
Description
mojoPortal <=2.9.0.1 is vulnerable to Directory Traversal via BetterImageGallery API Controller - ImageHandler Action. An attacker can exploit this vulnerability to access the Web.Config file and obtain the MachineKey.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- mojoPortal/mojoPortaldescription
- Range: <=2.9.0.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.