High severity8.8OSV Advisory· Published Apr 10, 2018· Updated Jun 17, 2026
CVE-2018-9037
CVE-2018-9037
Description
Monstra CMS 3.0.4 allows remote code execution via an upload_file request for a .zip file, which is automatically extracted and may contain .php files.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- github.com/monstra-cms/monstra/issues/433nvdExploitIssue TrackingThird Party Advisory
- www.exploit-db.com/exploits/44621/nvdThird Party Advisory
News mentions
0No linked articles in our index yet.