2 matches found
CVE-2021-40940
Monstra 3.0.4 does not filter the case of php, which leads to an unrestricted file upload vulnerability...
CVE-2021-40940
The provided connected sources confirm a concrete vulnerability in Monstra 3.0.4: an unrestricted file upload due to improper filtering of PHP-related uploads. Affected component is the web application (Monstra CMS) with PHP file handling as the root cause; impact is high (arbitrary file upload l...