51 matches found
CVE-2024-10927 MonoCMS Account Information Page account.php cross site scripting
A vulnerability was found in MonoCMS up to 20240528. It has been classified as problematic. Affected is an unknown function of the file /monofiles/account.php of the component Account Information Page. The manipulation of the argument userid leads to cross site scripting. It is possible to launch...
CVE-2024-10927
MonoCMS CVE-2024-10927 affects the Account Information Page (/monofiles/account.php); the vulnerability is a cross-site scripting flaw triggered by the userid argument, enabling remote exploitation. Multiple sources confirm it affects versions up to 20240528 and that the exploit has been publicly...
PT-2024-16647
Name of the Vulnerable Software and Affected Versions MonoCMS up to 20240528 Description A vulnerability was found in MonoCMS, affecting an unknown functionality of the file /monofiles/opensaved.php of the component Posts Page. The manipulation of the filtcategory and filtstatus arguments leads t...
MonoCMS 注入漏洞
MonoCMS is a content management system from MonoCMS, Inc. An injection vulnerability exists in MonoCMS 20240528 and prior versions, which stems from a cross-site scripting attack due to improper handling of the parameter userid...
PT-2024-16646 · Monocms · Monocms
Name of the Vulnerable Software and Affected Versions: MonoCMS versions up to 20240528 Description: A problematic issue was found in MonoCMS, affecting an unknown function of the file /monofiles/account.php of the component Account Information Page. The manipulation of the userid argument leads t...
MonoCMS 注入漏洞
MonoCMS is a free and open source content management system. MonoCMS /monofiles/opensaved.php handling filtcategory parameter has a cross-site scripting vulnerability that can be exploited by a remote attacker to inject malicious script or HTML code, which can be used to obtain sensitive...
MonoCMS Remote Code Execution (CVE-2020-28672)
A remote code execution vulnerability exists in MonoCMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
MonoCMS Blog Access Control Error Vulnerability
Mono is an open source software platform for creating .NET cross-platform applications. MonoCMS Blog 1.0 suffers from an Access Control Error vulnerability that stems from incorrect access control and leads to remote execution of arbitrary code...
CVE-2020-28672
MonoCMS Blog 1.0 is affected by incorrect access control that can lead to remote arbitrary code execution. At monofiles/category.php:27, user input can be saved to category/foldername/index.php causing RCE...
CVE-2020-28672
MonoCMS Blog 1.0 is affected by incorrect access control that can lead to remote arbitrary code execution. At monofiles/category.php:27, user input can be saved to category/foldername/index.php causing RCE...
Design/Logic Flaw
MonoCMS Blog 1.0 is affected by incorrect access control that can lead to remote arbitrary code execution. At monofiles/category.php:27, user input can be saved to category/foldername/index.php causing RCE...
CVE-2020-28672
MonoCMS Blog 1.0 is affected by incorrect access control that can lead to remote arbitrary code execution. At monofiles/category.php:27, user input can be saved to category/foldername/index.php causing RCE...
CVE-2020-28672
MonoCMS Blog 1.0 is affected by an Access Control Error that can lead to remote arbitrary code execution. The issue arises at monofiles/category.php:27, where user input can be saved to category/[foldername]/index.php, enabling RCE. This CVE is CVE-2020-28672. The connected sources corroborate a ...
MonoCMS Blog Information Disclosure Vulnerability
Mono is a free and open source project hosted by Xamarin previously Novell, first Ximian. A security vulnerability exists in version 1.0 of MonoCMS Blog, which stems from storing a hard-coded administrative hash in the log.xml file in the source file of MonoCMS Blog, with hash type bcrypt and has...
CVE-2020-25985
MonoCMS Blog 1.0 is affected by: Arbitrary File Deletion. Any authenticated user can delete files on and off the webserver php files can be unlinked and not deleted...
CVE-2020-25985
MonoCMS Blog 1.0 is affected by: Arbitrary File Deletion. Any authenticated user can delete files on and off the webserver php files can be unlinked and not deleted...
Arbitrary file deletion
MonoCMS Blog 1.0 is affected by: Arbitrary File Deletion. Any authenticated user can delete files on and off the webserver php files can be unlinked and not deleted...
CVE-2020-25985
MonoCMS Blog 1.0 is affected by: Arbitrary File Deletion. Any authenticated user can delete files on and off the webserver php files can be unlinked and not deleted...
CVE-2020-25985
CVE-2020-25985 affects MonoCMS Blog 1.0. The vulnerability is described as Arbitrary File Deletion: any authenticated user can delete files on and off the webserver, with PHP files potentially unlinked rather than deleted. The connected documents confirm this as the concrete issue, but do not pro...
CVE-2020-25986
A Cross Site Request Forgery CSRF vulnerability in MonoCMS Blog 1.0 allows attackers to change the password of a user...