Lucene search

Monocms Security Vulnerabilities

cve

CVE-2020-28672

MonoCMS Blog 1.0 is affected by incorrect access control that can lead to remote arbitrary code execution. At monofiles/category.php:27, user input can be saved to category/[foldername]/index.php causing...

7.2CVSS

7.3AI Score

0.003EPSS

2021-01-07 03:15 PM

cve

CVE-2020-25985

MonoCMS Blog 1.0 is affected by: Arbitrary File Deletion. Any authenticated user can delete files on and off the webserver (php files can be unlinked and not...

8.1CVSS

7.9AI Score

0.003EPSS

2020-10-07 12:15 PM

cve

CVE-2020-25986

A Cross Site Request Forgery (CSRF) vulnerability in MonoCMS Blog 1.0 allows attackers to change the password of a...

6.5CVSS

6.7AI Score

0.001EPSS

2020-10-06 01:15 PM

cve

CVE-2020-25987

MonoCMS Blog 1.0 stores hard-coded admin hashes in the log.xml file in the source files for MonoCMS Blog. Hash type is bcrypt and hashcat mode 3200 can be used to crack the...

7.5CVSS

7.5AI Score

0.005EPSS

2020-10-06 01:15 PM