4 matches found
Monstra CMS 3.0.4 Remote Code Execution
Exploit Title: Monstra CMS 3.0.4 Upload Plugin Remote code execution CVE-2018-9037 Date: 2018-05-14 Exploit Author: Jameel Nabbo Vendor Homepage: https://github.com/monstra-cms/monstra Software Link: https://github.com/monstra-cms/monstra Version: 3.0.4 Tested on: MAC OSX CVE :CVE-2018-9037 Monst...
Monstra CMS 3.0.4 - Remote Code Execution
Monstra CMS 3.0.4 - Remote Code Execution. CVE-2018-9037. Webapps exploit for PHP platform Exploit Title: Monstra CMS 3.0.4 Upload Plugin Remote code execution CVE-2018-9037 Date: 2018-05-14 Exploit Author: Jameel Nabbo Vendor Homepage: https://github.com/monstra-cms/monstra Software Link:...
Monstra CMS 3.0.4 - Remote Code Execution Vulnerability
Exploit for php platform in category web applications Exploit Title: Monstra CMS 3.0.4 Upload Plugin Remote code execution CVE-2018-9037 Exploit Author: Jameel Nabbo Vendor Homepage: https://github.com/monstra-cms/monstra Software Link: https://github.com/monstra-cms/monstra Version: 3.0.4 Tested...
CVE-2018-9037
Monstra CMS 3.0.4 is vulnerable to remote code execution via an upload_file request for a .zip file, which is automatically extracted and may deploy .php files. The underlying flaw allows arbitrary PHP execution when a zip containing PHP payload is uploaded, enabling remote code execution under s...