Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/02/06 1:26 a.m.8 views

CVE-2025-69906

Monstra CMS v3.0.4 contains an arbitrary file upload vulnerability in the Files Manager plugin. The application relies on blacklist-based file extension validation and stores uploaded files directly in a web-accessible directory. Under typical server configurations, this can allow an attacker to...

8.8CVSS8.5AI score0.00681EPSS
Exploits2References1
CNVD
CNVD
added 2020/05/28 12:0 a.m.1 views

Code Execution Vulnerability in Monstra

Monstra is a lightweight content management system CMS. A code execution vulnerability exists in Monstra, which can be exploited by an attacker to gain control of a web server...

7.8AI score
Exploits0
CNVD
CNVD
added 2018/05/28 12:0 a.m.2 views

Monstra CMS Cross-Site Scripting Vulnerability (CNVD-2018-15388)

Monstra CMS is a lightweight PHP-based content management system CMS developed by Ukrainian software developer Sergey Romanenko. The system is easy to install and use, scalable and so on. A cross-site scripting vulnerability exists in the registry of Monstra CMS version 3.0.4, which stems from th...

6.1CVSS5.9AI score0.02273EPSS
Exploits0References1
CNVD
CNVD
added 2018/04/16 12:0 a.m.3 views

Monstra CMS Cross-Site Scripting Vulnerability (CNVD-2018-08767)

Monstra CMS is a lightweight PHP-based content management system CMS developed by Ukrainian software developer Sergey Romanenko. The system is easy to install and use, scalable and so on. A cross-site scripting vulnerability exists in the plugins/box/pages/pages.admin.php file in Monstra CMS...

4.8CVSS6.4AI score0.00682EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2018/04/10 6:29 p.m.4 views

CVE-2018-9038

Monstra CMS 3.0.4 allows remote attackers to delete files via an admin/index.php?id=filesmanager&deletedir=./&path=uploads/ request...

6.5CVSS5.6AI score0.09813EPSS
Exploits3References3
Rows per page
Query Builder