Monstra
by Monstra
Source repositories
CVEs (42)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-6550 | Med | 0.00 | 5.4 | 0.01 | Feb 2, 2018 | Monstra CMS through 3.0.4 has XSS in the title function in plugins/box/pages/pages.plugin.php via a page title to admin/index.php. | ||
| CVE-2014-9006 | 0.00 | — | 0.02 | Nov 20, 2014 | Monstra 3.0.1 and earlier uses a cookie to track how many login attempts have been attempted, which allows remote attackers to conduct brute force login attacks by deleting the login_attempts cookie or setting it to certain values. |
- risk 0.00cvss 5.4epss 0.01
Monstra CMS through 3.0.4 has XSS in the title function in plugins/box/pages/pages.plugin.php via a page title to admin/index.php.
- CVE-2014-9006Nov 20, 2014risk 0.00cvss —epss 0.02
Monstra 3.0.1 and earlier uses a cookie to track how many login attempts have been attempted, which allows remote attackers to conduct brute force login attacks by deleting the login_attempts cookie or setting it to certain values.
Page 3 of 3