Monstra Cms Security Vulnerabilities and Issues — Monstra Cms CVE List

Lucene search

MonstraMonstra Cms

4 matches found

CVE•added 2024/06/06 10:15 p.m.•68 views

CVE-2024-36775

A cross-site scripting (XSS) vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the About Me parameter in the Edit Profile page.

5.4CVSS5.9AI score0.00076EPSS

CVE•added 2021/07/06 9:15 p.m.•60 views

CVE-2020-23697

Cross Site Scripting vulnerabilty in Monstra CMS 3.0.4 via the page feature in admin/index.php.

5.4CVSS5.7AI score0.12211EPSS

CVE•added 2021/07/01 9:15 p.m.•56 views

CVE-2020-23205

A stored cross site scripting (XSS) vulnerability in Monstra CMS version 3.0.4 allows attackers to execute arbitrary web scripts or HTML via crafted a payload entered into the "Site Name" field under the "Site Settings" module.

5.4CVSS5.7AI score0.00236EPSS

CVE•added 2020/03/02 8:15 p.m.•34 views

CVE-2018-19599

Monstra CMS 1.6 allows XSS via an uploaded SVG document to the admin/index.php?id=filesmanager&path=uploads/ URI. NOTE: this is a discontinued product.

5.4CVSS5.2AI score0.00353EPSS