CVE-2024-10928

MonoCMS up to 20240528 is affected by a cross-site scripting vulnerability in /monofiles/opensaved.php in the Posts Page. The issue arises from manipulation of the filtcategory and filtstatus parameters, allowing remote attackers to inject script/HTML. Exploitation is disclosed publicly. Several ...

CVE-2024-10927

MonoCMS CVE-2024-10927 affects the Account Information Page (/monofiles/account.php); the vulnerability is a cross-site scripting flaw triggered by the userid argument, enabling remote exploitation. Multiple sources confirm it affects versions up to 20240528 and that the exploit has been publicly...

CVE-2024-10927 MonoCMS Account Information Page account.php cross site scripting

A vulnerability was found in MonoCMS up to 20240528. It has been classified as problematic. Affected is an unknown function of the file /monofiles/account.php of the component Account Information Page. The manipulation of the argument userid leads to cross site scripting. It is possible to launch...

MonoCMS 注入漏洞

MonoCMS is a content management system from MonoCMS, Inc. An injection vulnerability exists in MonoCMS 20240528 and prior versions, which stems from a cross-site scripting attack due to improper handling of the parameter userid...

PT-2024-16646 · Monocms · Monocms

Name of the Vulnerable Software and Affected Versions: MonoCMS versions up to 20240528 Description: A problematic issue was found in MonoCMS, affecting an unknown function of the file /monofiles/account.php of the component Account Information Page. The manipulation of the userid argument leads t...