Lucene search
+L

51 matches found

Cvelist
Cvelist
added 2024/11/06 10:31 p.m.34 views

CVE-2024-10927 MonoCMS Account Information Page account.php cross site scripting

A vulnerability was found in MonoCMS up to 20240528. It has been classified as problematic. Affected is an unknown function of the file /monofiles/account.php of the component Account Information Page. The manipulation of the argument userid leads to cross site scripting. It is possible to launch...

5.3CVSS0.00407EPSS
Exploits1References4
CVE
CVE
added 2024/11/06 10:31 p.m.51 views

CVE-2024-10927

MonoCMS CVE-2024-10927 affects the Account Information Page (/monofiles/account.php); the vulnerability is a cross-site scripting flaw triggered by the userid argument, enabling remote exploitation. Multiple sources confirm it affects versions up to 20240528 and that the exploit has been publicly...

6.1CVSS4AI score0.00407EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/11/06 12:0 a.m.12 views

PT-2024-16647

Name of the Vulnerable Software and Affected Versions MonoCMS up to 20240528 Description A vulnerability was found in MonoCMS, affecting an unknown functionality of the file /monofiles/opensaved.php of the component Posts Page. The manipulation of the filtcategory and filtstatus arguments leads t...

6.1CVSS4.7AI score0.00383EPSS
Exploits1References10
CNNVD
CNNVD
added 2024/11/06 12:0 a.m.5 views

MonoCMS 注入漏洞

MonoCMS is a content management system from MonoCMS, Inc. An injection vulnerability exists in MonoCMS 20240528 and prior versions, which stems from a cross-site scripting attack due to improper handling of the parameter userid...

6.1CVSS4.7AI score0.00407EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/11/06 12:0 a.m.5 views

PT-2024-16646 · Monocms · Monocms

Name of the Vulnerable Software and Affected Versions: MonoCMS versions up to 20240528 Description: A problematic issue was found in MonoCMS, affecting an unknown function of the file /monofiles/account.php of the component Account Information Page. The manipulation of the userid argument leads t...

6.1CVSS4.2AI score0.00407EPSS
Exploits1References8
CNNVD
CNNVD
added 2024/11/06 12:0 a.m.8 views

MonoCMS 注入漏洞

MonoCMS is a free and open source content management system. MonoCMS /monofiles/opensaved.php handling filtcategory parameter has a cross-site scripting vulnerability that can be exploited by a remote attacker to inject malicious script or HTML code, which can be used to obtain sensitive...

6.1CVSS5.9AI score0.00383EPSS
Exploits1References5
Check Point Advisories
Check Point Advisories
added 2021/02/24 12:0 a.m.11 views

MonoCMS Remote Code Execution (CVE-2020-28672)

A remote code execution vulnerability exists in MonoCMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

9CVSS5.6AI score0.11655EPSS
Exploits1
CNVD
CNVD
added 2021/01/09 12:0 a.m.2 views

MonoCMS Blog Access Control Error Vulnerability

Mono is an open source software platform for creating .NET cross-platform applications. MonoCMS Blog 1.0 suffers from an Access Control Error vulnerability that stems from incorrect access control and leads to remote execution of arbitrary code...

9CVSS7.3AI score0.11655EPSS
Exploits1References1
NVD
NVD
added 2021/01/07 3:15 p.m.20 views

CVE-2020-28672

MonoCMS Blog 1.0 is affected by incorrect access control that can lead to remote arbitrary code execution. At monofiles/category.php:27, user input can be saved to category/foldername/index.php causing RCE...

9CVSS7.3AI score0.11655EPSS
Exploits1References1
OSV
OSV
added 2021/01/07 3:15 p.m.6 views

CVE-2020-28672

MonoCMS Blog 1.0 is affected by incorrect access control that can lead to remote arbitrary code execution. At monofiles/category.php:27, user input can be saved to category/foldername/index.php causing RCE...

7.2CVSS7.3AI score0.11655EPSS
Exploits1References1
Prion
Prion
added 2021/01/07 3:15 p.m.13 views

Design/Logic Flaw

MonoCMS Blog 1.0 is affected by incorrect access control that can lead to remote arbitrary code execution. At monofiles/category.php:27, user input can be saved to category/foldername/index.php causing RCE...

9CVSS7.3AI score0.11655EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/01/07 2:47 p.m.27 views

CVE-2020-28672

MonoCMS Blog 1.0 is affected by incorrect access control that can lead to remote arbitrary code execution. At monofiles/category.php:27, user input can be saved to category/foldername/index.php causing RCE...

7.4AI score0.11655EPSS
Exploits1References1
CVE
CVE
added 2021/01/07 2:47 p.m.46 views

CVE-2020-28672

MonoCMS Blog 1.0 is affected by an Access Control Error that can lead to remote arbitrary code execution. The issue arises at monofiles/category.php:27, where user input can be saved to category/[foldername]/index.php, enabling RCE. This CVE is CVE-2020-28672. The connected sources corroborate a ...

9CVSS7.3AI score0.11655EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2020/10/13 12:0 a.m.8 views

MonoCMS Blog Information Disclosure Vulnerability

Mono is a free and open source project hosted by Xamarin previously Novell, first Ximian. A security vulnerability exists in version 1.0 of MonoCMS Blog, which stems from storing a hard-coded administrative hash in the log.xml file in the source file of MonoCMS Blog, with hash type bcrypt and has...

7.5CVSS6.9AI score0.01628EPSS
Exploits4References1
NVD
NVD
added 2020/10/07 12:15 p.m.27 views

CVE-2020-25985

MonoCMS Blog 1.0 is affected by: Arbitrary File Deletion. Any authenticated user can delete files on and off the webserver php files can be unlinked and not deleted...

8.1CVSS0.01717EPSS
Exploits1References2
OSV
OSV
added 2020/10/07 12:15 p.m.5 views

CVE-2020-25985

MonoCMS Blog 1.0 is affected by: Arbitrary File Deletion. Any authenticated user can delete files on and off the webserver php files can be unlinked and not deleted...

8.1CVSS5.8AI score0.01717EPSS
Exploits1References2
Prion
Prion
added 2020/10/07 12:15 p.m.18 views

Arbitrary file deletion

MonoCMS Blog 1.0 is affected by: Arbitrary File Deletion. Any authenticated user can delete files on and off the webserver php files can be unlinked and not deleted...

5.5CVSS8AI score0.01717EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2020/10/07 11:25 a.m.24 views

CVE-2020-25985

MonoCMS Blog 1.0 is affected by: Arbitrary File Deletion. Any authenticated user can delete files on and off the webserver php files can be unlinked and not deleted...

8.1AI score0.01717EPSS
Exploits1References2
CVE
CVE
added 2020/10/07 11:25 a.m.41 views

CVE-2020-25985

CVE-2020-25985 affects MonoCMS Blog 1.0. The vulnerability is described as Arbitrary File Deletion: any authenticated user can delete files on and off the webserver, with PHP files potentially unlinked rather than deleted. The connected documents confirm this as the concrete issue, but do not pro...

8.1CVSS7.9AI score0.01717EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2020/10/06 1:15 p.m.27 views

CVE-2020-25986

A Cross Site Request Forgery CSRF vulnerability in MonoCMS Blog 1.0 allows attackers to change the password of a user...

6.5CVSS0.00569EPSS
Exploits3References2
Rows per page
Query Builder