Monstra Cms Security Vulnerabilities and Issues — Monstra Cms CVE List

Lucene search

MonstraMonstra Cms

4 matches found

CVE•added 2021/07/01 9:15 p.m.•60 views

CVE-2020-23219

Monstra CMS 3.0.4 allows attackers to execute arbitrary code via a crafted payload entered into the "Snippet content" field under the "Edit Snippet" module.

8.8CVSS8.8AI score0.01025EPSS

CVE•added 2021/07/06 9:15 p.m.•60 views

CVE-2020-23697

Cross Site Scripting vulnerabilty in Monstra CMS 3.0.4 via the page feature in admin/index.php.

5.4CVSS5.7AI score0.12211EPSS

CVE•added 2021/07/01 9:15 p.m.•56 views

CVE-2020-23205

A stored cross site scripting (XSS) vulnerability in Monstra CMS version 3.0.4 allows attackers to execute arbitrary web scripts or HTML via crafted a payload entered into the "Site Name" field under the "Site Settings" module.

5.4CVSS5.7AI score0.00236EPSS

CVE•added 2021/09/27 10:15 p.m.•33 views

CVE-2020-20691

An issue in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via bypassing the file extension filter and uploading crafted HTML files.

6.5CVSS6.6AI score0.0023EPSS