
CVE-2018-10109 – Monstra CMS 3.0.4 - Persistent Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-10109
14 Apr 2018 — Monstra CMS 3.0.4 has a stored XSS vulnerability when an attacker has access to the editor role and enters the payload in the content section of a new page in the blog catalog. • https://www.exploit-db.com/exploits/44502 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2018-9037 – Monstra CMS 3.0.4 Remote Code Execution
https://notcve.org/view.php?id=CVE-2018-9037
10 Apr 2018 — Monstra CMS 3.0.4 allows remote code execution via an upload_file request for a .zip file, which is automatically extracted and may contain .php files. Monstra CMS version 3.0.4 suffers from a shell upload remote code execution vulnerability. • https://packetstorm.news/files/id/147608 • CWE-434: Unrestricted Upload of File with Dangerous Type

CVE-2018-9038 – Monstra CMS 3.0.4 - Arbitrary Folder Deletion
https://notcve.org/view.php?id=CVE-2018-9038
10 Apr 2018 — Monstra CMS 3.0.4 allows remote attackers to delete files via an admin/index.php?id=filesmanager&delete_dir=./&path=uploads/ request. • https://packetstorm.news/files/id/147348 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVE-2018-6550
https://notcve.org/view.php?id=CVE-2018-6550
02 Feb 2018 — Monstra CMS through 3.0.4 has XSS in the title function in plugins/box/pages/pages.plugin.php via a page title to admin/index.php. • https://github.com/monstra-cms/monstra/commit/388ab412035474068758df6b07e7e06852f3747b • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2018-6383 – Monstra CMS 3.0.4 - Remote Code Execution (Authenticated)
https://notcve.org/view.php?id=CVE-2018-6383
29 Jan 2018 — Monstra CMS through 3.0.4 has an incomplete "forbidden types" list that excludes .php (and similar) file extensions but not the .pht or .phar extension, which allows remote authenticated Admins or Editors to execute arbitrary PHP code by uploading a file, a different vulnerability than CVE-2017-18048. • https://packetstorm.news/files/id/162968 • CWE-184: Incomplete List of Disallowed Inputs

CVE-2017-18048 – Monstra CMS Authenticated Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2017-18048
23 Jan 2018 — Monstra CMS 3.0.4 allows users to upload arbitrary files, which leads to remote command execution on the server, for example because .php (lowercase) is blocked but .PHP (uppercase) is not. • https://packetstorm.news/files/id/148487 • CWE-434: Unrestricted Upload of File with Dangerous Type