Lucene search
K

7 matches found

Check Point Advisories
Check Point Advisories
added 2021/10/19 12:0 a.m.75 views

p0wny Shell Remote Code Execution (CVE-2017-9830; CVE-2018-15139; CVE-2018-19423; CVE-2018-6383; CVE-2020-29607; CVE-2021-24155; CVE-2021-24347)

p0wny Shell is a PHP shell. An attacker might use this shell to execute arbitrary code on the affected system...

7.5CVSS8.4AI score0.84112EPSS
Exploits38
0day.today
0day.today
added 2021/06/04 12:0 a.m.112 views

Monstra CMS 3.0.4 - Remote Code Execution (Authenticated) Exploit

Exploit Title: Monstra CMS 3.0.4 - Remote Code Execution Authenticated Exploit Author: Ron Jost hacker5preme Vendor Homepage: https://monstra.org/ Software Link: https://monstra.org/monstra-3.0.4.zip Version: 3.0.4 Tested on: Ubuntu 20.04 CVE: CVE-2018-6383 Documentation:...

8.8CVSS0.4AI score0.63355EPSS
Exploits8
Packet Storm
Packet Storm
added 2021/06/04 12:0 a.m.440 views

Monstra CMS 3.0.4 Remote Code Execution

Exploit Title: Monstra CMS 3.0.4 - Remote Code Execution Authenticated Date: 03.06.2021 Exploit Author: Ron Jost hacker5preme Vendor Homepage: https://monstra.org/ Software Link: https://monstra.org/monstra-3.0.4.zip Version: 3.0.4 Tested on: Ubuntu 20.04 CVE: CVE-2018-6383 Documentation:...

6.5CVSS0.3AI score0.63355EPSS
Exploits8
Exploit DB
Exploit DB
added 2021/06/04 12:0 a.m.963 views

Monstra CMS 3.0.4 - Remote Code Execution (Authenticated)

Exploit Title: Monstra CMS 3.0.4 - Remote Code Execution Authenticated Date: 03.06.2021 Exploit Author: Ron Jost hacker5preme Vendor Homepage: https://monstra.org/ Software Link: https://monstra.org/monstra-3.0.4.zip Version: 3.0.4 Tested on: Ubuntu 20.04 CVE: CVE-2018-6383 Documentation:...

8.8CVSS8.7AI score0.13499EPSS
Exploits4
NVD
NVD
added 2018/01/29 6:29 p.m.26 views

CVE-2018-6383

Monstra CMS through 3.0.4 has an incomplete "forbidden types" list that excludes .php and similar file extensions but not the .pht or .phar extension, which allows remote authenticated Admins or Editors to execute arbitrary PHP code by uploading a file, a different vulnerability than CVE-2017-180...

8.8CVSS8.9AI score0.13499EPSS
Exploits4References3
Cvelist
Cvelist
added 2018/01/29 6:0 p.m.23 views

CVE-2018-6383

Monstra CMS through 3.0.4 has an incomplete "forbidden types" list that excludes .php and similar file extensions but not the .pht or .phar extension, which allows remote authenticated Admins or Editors to execute arbitrary PHP code by uploading a file, a different vulnerability than CVE-2017-180...

8.9AI score0.13499EPSS
Exploits4References3
CVE
CVE
added 2018/01/29 6:0 p.m.141 views

CVE-2018-6383

Monstra CMS

8.8CVSS8.7AI score0.13499EPSS
Exploits4References3Affected Software1
Rows per page
Query Builder