4 matches found
Monstra CMS 3.0.4 - HTTP Header Injection
Monstra CMS 3.0.4 is susceptible to HTTP header injection in the plugins/captcha/crypt/cryptographp.php cfg parameter. An attacker can potentially supply invalid input and cause the server to allow redirects to attacker-controlled domains, perform cache poisoning, and/or allow improper access to...
CVE-2018-16979
Monstra CMS V3.0.4 allows HTTP header injection in the plugins/captcha/crypt/cryptographp.php cfg parameter, a related issue to CVE-2012-2943...
CVE-2018-16979
Monstra CMS V3.0.4 allows HTTP header injection in the plugins/captcha/crypt/cryptographp.php cfg parameter, a related issue to CVE-2012-2943...
CVE-2018-16979
CVE-2018-16979 affects Monstra CMS 3.0.4. The Nuclei template and related descriptions confirm an HTTP header injection vulnerability in plugins/captcha/crypt/cryptographp.php cfg parameter, allowing an attacker to craft input that can redirect users to attacker-controlled domains, enable cache p...