VYPR

Monkey CMS

by Monkey CMS

CVEs (4)

  • CVE-2013-3724Aug 1, 2013
    risk 0.04cvss epss 0.14

    The mk_request_header_process function in mk_request.c in Monkey 1.1.1 allows remote attackers to cause a denial of service (thread crash and service outage) via a '\0' character in an HTTP request.

  • CVE-2002-1852Dec 31, 2002
    risk 0.03cvss epss 0.03

    Cross-site scripting (XSS) vulnerability in Monkey 0.5.0 allows remote attackers to inject arbitrary web script or HTML via (1) the URL or (2) a parameter to test2.pl.

  • CVE-2014-5336Aug 26, 2014
    risk 0.00cvss epss 0.02

    Monkey HTTP Server before 1.5.3, when the File Descriptor Table (FDT) is enabled and custom error messages are set, allows remote attackers to cause a denial of service (file descriptor consumption) via an HTTP request that triggers an error message.

  • CVE-2007-2105Apr 18, 2007
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in admin/index.php in Monkey CMS 0.0.3 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the admin_skin parameter.