51 matches found
EUVD-2020-18617
Malware in sbrugna...
EUVD-2020-18616
Malware in sbrugna...
EUVD-2020-21070
Malware in sbrugna...
EUVD-2020-18615
Malware in sbrugna...
EUVD-2024-33355
Malicious code in bioql PyPI...
EUVD-2024-33356
Malicious code in bioql PyPI...
CVE-2024-10928
A vulnerability was found in MonoCMS up to 20240528. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /monofiles/opensaved.php of the component Posts Page. The manipulation of the argument filtcategory/filtstatus leads to cross site...
CVE-2024-10927
A vulnerability was found in MonoCMS up to 20240528. It has been classified as problematic. Affected is an unknown function of the file /monofiles/account.php of the component Account Information Page. The manipulation of the argument userid leads to cross site scripting. It is possible to launch...
CVE-2020-25986
A Cross Site Request Forgery (CSRF) vulnerability in MonoCMS Blog 1.0 allows attackers to change the password of a user...
CVE-2020-25985
MonoCMS Blog 1.0 is affected by: Arbitrary File Deletion. Any authenticated user can delete files on and off the webserver (php files can be unlinked and not deleted)...
CVE-2020-28672
MonoCMS Blog 1.0 is affected by incorrect access control that can lead to remote arbitrary code execution. At monofiles/category.php:27, user input can be saved to category/foldername/index.php causing RCE...
CVE-2020-25987
MonoCMS Blog 1.0 stores hard-coded admin hashes in the log.xml file in the source files for MonoCMS Blog. Hash type is bcrypt and hashcat mode 3200 can be used to crack the hash...
MonoCMS Cross-Site Scripting Vulnerability
MonoCMS is a free and open source content management system. MonoCMS /monofiles/opensaved.php handling filtcategory parameter has a cross-site scripting vulnerability that can be exploited by a remote attacker to inject malicious script or HTML code, which can be used to obtain sensitive...
CVE-2024-10928 MonoCMS Posts Page opensaved.php cross site scripting
A vulnerability was found in MonoCMS up to 20240528. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /monofiles/opensaved.php of the component Posts Page. The manipulation of the argument filtcategory/filtstatus leads to cross site...
CVE-2024-10928
MonoCMS up to 20240528 is affected by a cross-site scripting vulnerability in /monofiles/opensaved.php in the Posts Page. The issue arises from manipulation of the filtcategory and filtstatus parameters, allowing remote attackers to inject script/HTML. Exploitation is disclosed publicly. Several ...
CVE-2024-10927
MonoCMS CVE-2024-10927 affects the Account Information Page (/monofiles/account.php); the vulnerability is a cross-site scripting flaw triggered by the userid argument, enabling remote exploitation. Multiple sources confirm it affects versions up to 20240528 and that the exploit has been publicly...