2 matches found
Monstra CMS 3.0.4 - Arbitrary Folder Deletion
Monstra CMS 3.0.4 - Arbitrary Folder Deletion Exploit Title: Monstra CMS 3.0.4 allows remote attackers to delete folder via an get request Date: 2018-03-26 Exploit Author: Wenming Jiang Vendor Homepage: https://github.com/monstra-cms/monstra Software Link: https://github.com/monstra-cms/monstra...
CVE-2018-9038
Monstra CMS 3.0.4 is affected by a remote file deletion vulnerability: an attacker can issue admin/index.php?id=filesmanager&delete_dir=./&path=uploads/ to delete files/folders. The issue is described across multiple feeds as arbitrary deletion of uploads via the filesmanager path. Some OpenVAS d...