399 matches found
Monstra CMS Security Vulnerability
Monstra CMS is a lightweight PHP-based content management system CMS by Sergey Romanenko, an individual developer in Ukraine. A security vulnerability exists in Monstra CMS version v3.0.4. The vulnerability is exploited by attackers to execute arbitrary web script or HTML via a specially crafted...
CVE-2024-36775
A cross-site scripting XSS vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the About Me parameter in the Edit Profile page...
CVE-2024-36774
An arbitrary file upload vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary code via uploading a crafted PHP file...
CVE-2024-36775
Monstra CMS 3.0.4 is affected by an XSS vulnerability in the Edit Profile page, where crafted payloads placed into the About Me field can execute arbitrary web scripts/HTML. The issue stems from reflecting or injecting content via the About Me parameter, enabling potential code execution in the c...
CVE-2024-36775
A cross-site scripting XSS vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the About Me parameter in the Edit Profile page...
CVE-2024-36775
A cross-site scripting XSS vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the About Me parameter in the Edit Profile page...
CVE-2024-36775
A cross-site scripting XSS vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the About Me parameter in the Edit Profile page...
CVE-2024-36774
An arbitrary file upload vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary code via uploading a crafted PHP file...
CVE-2024-36774
An arbitrary file upload vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary code via uploading a crafted PHP file...
CVE-2024-36774
CVE-2024-36774 describes an arbitrary file upload vulnerability in Monstra CMS v3.0.4 that enables attackers to execute arbitrary PHP code by uploading a crafted PHP file. The issue targets the CMS itself and arises from an upload path that allows PHP payloads. Estimated impact per CVSS vectors i...
PT-2024-27157 · Unknown · Monstra Cms
Name of the Vulnerable Software and Affected Versions: Monstra CMS version 3.0.4 Description: An arbitrary file upload issue allows attackers to execute arbitrary code via uploading a crafted PHP file. Recommendations: For Monstra CMS version 3.0.4, at the moment, there is no information about a...
Monstra CMS Security Vulnerability
Monstra CMS is a lightweight PHP-based content management system CMS by Sergey Romanenko, an individual developer in Ukraine. A security vulnerability exists in Monstra CMS version v3.0.4. An attacker can exploit the vulnerability to execute arbitrary code by uploading specially crafted PHP files...
Monstra CMS Security Vulnerability
Monstra CMS is a lightweight PHP-based content management system CMS by Sergey Romanenko, an individual developer in Ukraine. A security vulnerability exists in Monstra CMS version v3.0.4. An attacker can exploit the vulnerability to execute arbitrary web script or HTML via a specially crafted...
PT-2024-27158 · Unknown · Monstra Cms
Name of the Vulnerable Software and Affected Versions: Monstra CMS version 3.0.4 Description: A cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the About Me parameter in the Edit Profile page. This could potentially affe...
Monstra CMS 3.0.4 - Remote Code Execution Exploit
Exploit Title: Monstra CMS 3.0.4 - Remote Code Execution RCE Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://monstra.org/ Software Link: https://monstra.org/monstra-3.0.4.zip Version: 3.0.4 Tested on: MacOS import requests import random import string import time import re import sys if...
Monstra CMS 3.0.4 Remote Code Execution
Exploit Title: Monstra CMS 3.0.4 - Remote Code Execution RCE Date: 05.05.2024 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://monstra.org/ Software Link: https://monstra.org/monstra-3.0.4.zip Version: 3.0.4 Tested on: MacOS import requests import random import string import time import...
Monstra CMS 3.0.4 - Remote Code Execution (RCE)
Exploit Title: Monstra CMS 3.0.4 - Remote Code Execution RCE Date: 05.05.2024 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://monstra.org/ Software Link: https://monstra.org/monstra-3.0.4.zip Version: 3.0.4 Tested on: MacOS import requests import random import string import time import...
Monstra 3.0.4 - Stored Cross-Site Scripting Vulnerability
Exploit Title: Monstra 3.0.4 - Stored Cross-Site Scripting XSS Exploit Author: tmrswrr Vendor Homepage: https://monstra.org/ Software Link: https://monstra.org/monstra-3.0.4.zip Version: 3.0.4 Tested : https://www.softaculous.com/softaculous/demos/Monstra --- Description --- 1 Login admin panel a...
Monstra 3.0.4 - Stored Cross-Site Scripting (XSS)
Exploit Title: Monstra 3.0.4 - Stored Cross-Site Scripting XSS Date: 2023-06-13 Exploit Author: tmrswrr Vendor Homepage: https://monstra.org/ Software Link: https://monstra.org/monstra-3.0.4.zip Version: 3.0.4 Tested : https://www.softaculous.com/softaculous/demos/Monstra --- Description --- 1...
Monstra CMS <= 3.0.4 RCE Vulnerability (Jul 2021)
Monstra CMS is prone to a remote code execution RCE vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...