VYPR

Monstra

by Monstra

Source repositories

CVEs (42)

  • CVE-2018-6550MedFeb 2, 2018
    risk 0.00cvss 5.4epss 0.01

    Monstra CMS through 3.0.4 has XSS in the title function in plugins/box/pages/pages.plugin.php via a page title to admin/index.php.

  • CVE-2014-9006Nov 20, 2014
    risk 0.00cvss epss 0.02

    Monstra 3.0.1 and earlier uses a cookie to track how many login attempts have been attempted, which allows remote attackers to conduct brute force login attacks by deleting the login_attempts cookie or setting it to certain values.

Page 3 of 3