Monstra

All CVEs

43 total · sorted by risk
  • CVE-2017-18048 · High · Jan 23, 2018
    risk 0.65 · cvss 8.8 · epss 0.64

    Monstra CMS 3.0.4 allows users to upload arbitrary files, which leads to remote command execution on the server, for example because .php (lowercase) is blocked but .PHP (uppercase) is not.

  • CVE-2021-40940 · Critical · Jun 15, 2022
    risk 0.64 · cvss 9.8 · epss 0.02

    Monstra 3.0.4 does not filter the case of php, which leads to an unrestricted file upload vulnerability.

  • CVE-2021-36548 · Critical · Oct 28, 2021
    risk 0.64 · cvss 9.8 · epss 0.03

    A remote code execution (RCE) vulnerability in the component /admin/index.php?id=themes&action=edit_template&filename=blog of Monstra v3.0.4 allows attackers to execute arbitrary commands via a crafted PHP file.

  • CVE-2020-25414 · Critical · Jun 17, 2021
    risk 0.64 · cvss 9.8 · epss 0.02

    A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4 which allows remote attackers to execute arbitrary PHP code.

  • CVE-2018-11678 · Critical · Jun 5, 2018
    risk 0.64 · cvss 9.8 · epss 0.02

    plugins/box/users/users.plugin.php in Monstra CMS 3.0.4 allows Login Rate Limiting Bypass via manipulation of the login_attempts cookie.

  • CVE-2018-6383 · High · Jan 29, 2018
    risk 0.61 · cvss 8.8 · epss 0.14

    Monstra CMS through 3.0.4 has an incomplete "forbidden types" list that excludes .php (and similar) file extensions but not the .pht or .phar extension, which allows remote authenticated Admins or Editors to execute arbitrary PHP code by uploading a file, a different…

  • CVE-2020-23219 · High · Jul 1, 2021
    risk 0.57 · cvss 8.8 · epss 0.02

    Monstra CMS 3.0.4 allows attackers to execute arbitrary code via a crafted payload entered into the "Snippet content" field under the "Edit Snippet" module.

  • CVE-2020-13384 · High · May 22, 2020
    risk 0.57 · cvss 8.8 · epss 0.03

    Monstra CMS 3.0.4 allows remote authenticated users to upload and execute arbitrary PHP code via admin/index.php?id=filesmanager because, for example, .php filenames are blocked but .php7 filenames are not, a related issue to CVE-2017-18048.

  • CVE-2018-16608 · High · Sep 10, 2018
    risk 0.57 · cvss 8.8 · epss 0.01

    In Monstra CMS 3.0.4, an attacker with 'Editor' privileges can change the password of the administrator via an Insecure Direct Object Reference (IDOR) at admin/index.php?id=users&action=edit&user_id=1.

  • CVE-2018-9037 · High · Apr 10, 2018
    risk 0.57 · cvss 8.8 · epss 0.03

    Monstra CMS 3.0.4 allows remote code execution via an upload_file request for a .zip file, which is automatically extracted and may contain .php files.

  • CVE-2018-11475 · High · May 25, 2018
    risk 0.52 · cvss 8.0 · epss 0.01

    Monstra CMS 3.0.4 has a Session Management Issue in the Users tab. A password change at users/1/edit does not invalidate a session that is open in a different browser.

  • CVE-2018-11474 · High · May 25, 2018
    risk 0.52 · cvss 8.0 · epss 0.01

    Monstra CMS 3.0.4 has a Session Management Issue in the Administrations Tab. A password change at admin/index.php?id=users&action=edit&user_id=1 does not invalidate a session that is open in a different browser.

  • CVE-2018-16820 · High · Sep 18, 2018
    risk 0.49 · cvss 7.5 · epss 0.02

    admin/index.php in Monstra CMS 3.0.4 allows arbitrary directory listing via id=filesmanager&path=uploads/.......//./.......//./ requests.

  • CVE-2024-36774 · High · Jun 6, 2024
    risk 0.47 · cvss 7.2 · epss 0.01

    An arbitrary file upload vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary code via uploading a crafted PHP file.

  • CVE-2020-13978 · High · Jun 9, 2020
    risk 0.47 · cvss 7.2 · epss 0.01

    Monstra CMS 3.0.4 allows an attacker, who already has administrative access to modify .chunk.php files on the Edit Chunk screen, to execute arbitrary OS commands via the Theme Module by visiting the admin/index.php?id=themes&action=edit_chunk URI. NOTE: there is no indication…

  • CVE-2018-17418 · High · Mar 7, 2019
    risk 0.47 · cvss 7.2 · epss 0.03

    Monstra CMS 3.0.4 allows remote attackers to execute arbitrary PHP code via a mixed-case file extension, as demonstrated by the 123.PhP filename, because plugins\box\filesmanager\filesmanager.admin.php mishandles the forbidden_types variable.

  • CVE-2018-15886 · High · Sep 10, 2018
    risk 0.47 · cvss 7.2 · epss 0.02

    Monstra CMS 3.0.4 does not properly restrict modified Snippet content, as demonstrated by the admin/index.php?id=snippets&action=edit_snippet&filename=google-analytics URI, which allows attackers to execute arbitrary PHP code by placing this code after a <?php substring.

  • CVE-2018-9038 · Medium · Apr 10, 2018
    risk 0.46 · cvss 6.5 · epss 0.10

    Monstra CMS 3.0.4 allows remote attackers to delete files via an admin/index.php?id=filesmanager&delete_dir=./&path=uploads/ request.

  • CVE-2020-20691 · Medium · Sep 27, 2021
    risk 0.42 · cvss 6.5 · epss 0.01

    An issue in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via bypassing the file extension filter and uploading crafted HTML files.

  • CVE-2020-8439 · Medium · Mar 7, 2020
    risk 0.42 · cvss 6.5 · epss 0.02

    Monstra CMS through 3.0.4 allows remote authenticated users to take over arbitrary user accounts via a modified login parameter to an edit URI, as demonstrated by login=victim to the users/21/edit URI.

  • CVE-2018-11227 · Medium · Jul 3, 2019
    risk 0.40 · cvss 6.1 · epss 0.05

    Monstra CMS 3.0.4 and earlier has XSS via index.php.

  • CVE-2018-17025 · Medium · Sep 13, 2018
    risk 0.40 · cvss 6.1 · epss 0.01

    admin/index.php in Monstra CMS 3.0.4 allows XSS via the page_meta_title parameter in an edit_page action for a page with no special role.

  • CVE-2018-16979 · Medium · Sep 12, 2018
    risk 0.40 · cvss 6.1 · epss 0.03

    Monstra CMS V3.0.4 allows HTTP header injection in the plugins/captcha/crypt/cryptographp.php cfg parameter, a related issue to CVE-2012-2943.

  • CVE-2018-16978 · Medium · Sep 12, 2018
    risk 0.40 · cvss 6.1 · epss 0.01

    Monstra CMS V3.0.4 has XSS when one tries to register an account with a crafted password parameter to users/registration, a different vulnerability than CVE-2018-11473.

  • CVE-2018-14922 · Medium · Aug 14, 2018
    risk 0.40 · cvss 6.1 · epss 0.02

    Multiple cross-site scripting (XSS) vulnerabilities in Monstra CMS 3.0.4 allow remote attackers to inject arbitrary web script or HTML via the (1) first name or (2) last name field in the edit profile page.

  • CVE-2018-11473 · Medium · May 25, 2018
    risk 0.40 · cvss 6.1 · epss 0.02

    Monstra CMS 3.0.4 has XSS in the registration Form (i.e., the login parameter to users/registration).

  • CVE-2018-11472 · Medium · May 25, 2018
    risk 0.40 · cvss 6.1 · epss 0.01

    Monstra CMS 3.0.4 has Reflected XSS during Login (i.e., the login parameter to admin/index.php).

  • CVE-2024-36775 · Medium · Jun 6, 2024
    risk 0.35 · cvss 5.4 · epss 0.00

    A cross-site scripting (XSS) vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the About Me parameter in the Edit Profile page.

  • CVE-2020-23697 · Medium · Jul 6, 2021
    risk 0.35 · cvss 5.4 · epss 0.02

    Cross Site Scripting vulnerability in Monstra CMS 3.0.4 via the page feature in admin/index.php.

  • CVE-2020-23205 · Medium · Jul 1, 2021
    risk 0.35 · cvss 5.4 · epss 0.01

    A stored cross site scripting (XSS) vulnerability in Monstra CMS version 3.0.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Site Name" field under the "Site Settings" module.

  • CVE-2018-19599 · Medium · Mar 2, 2020
    risk 0.35 · cvss 5.4 · epss 0.01

    Monstra CMS 1.6 allows XSS via an uploaded SVG document to the admin/index.php?id=filesmanager&path=uploads/ URI. NOTE: this is a discontinued product.

  • CVE-2018-16977 · Medium · Sep 12, 2018
    risk 0.35 · cvss 5.3 · epss 0.01

    Monstra CMS V3.0.4 has an information leakage risk (e.g., PATH, DOCUMENT_ROOT, and SERVER_ADMIN) in libraries/Gelato/ErrorHandler/Resources/Views/Errors/exception.php.

  • CVE-2018-10118 · Medium · Apr 16, 2018
    risk 0.34 · cvss 4.8 · epss 0.03

    Monstra CMS 3.0.4 has Stored XSS via the Name field on the Create New Page screen under the admin/index.php?id=pages URI, related to plugins/box/pages/pages.admin.php.

  • CVE-2018-10109 · Medium · Apr 16, 2018
    risk 0.34 · cvss 4.8 · epss 0.02

    Monstra CMS 3.0.4 has a stored XSS vulnerability when an attacker has access to the editor role, and enters the payload in the content section of a new page in the blog catalog.

  • CVE-2018-16819 · Medium · Sep 18, 2018
    risk 0.32 · cvss 4.9 · epss 0.01

    admin/index.php in Monstra CMS 3.0.4 allows arbitrary file deletion via id=filesmanager&path=uploads/.......//./.......//./&delete_file= requests.

  • CVE-2024-36773 · Medium · Jun 7, 2024
    risk 0.31 · cvss 4.8 · epss 0.00

    A cross-site scripting (XSS) vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Themes parameter at index.php.

  • CVE-2018-18694 · Medium · Oct 29, 2018
    risk 0.31 · cvss 4.8 · epss 0.01

    admin/index.php?id=filesmanager in Monstra CMS 3.0.4 allows remote authenticated administrators to trigger stored XSS via JavaScript content in a file whose name lacks an extension. Such a file is interpreted as text/html in certain cases.

  • CVE-2018-17026 · Medium · Sep 13, 2018
    risk 0.31 · cvss 4.8 · epss 0.01

    admin/index.php in Monstra CMS 3.0.4 allows XSS via the page_meta_title parameter in an edit_page&name=error404 action, a different vulnerability than CVE-2018-10121.

  • CVE-2018-17024 · Medium · Sep 13, 2018
    risk 0.31 · cvss 4.8 · epss 0.01

    admin/index.php in Monstra CMS 3.0.4 allows XSS via the page_meta_title parameter in an add_page action.

  • CVE-2018-10121 · Medium · Apr 16, 2018
    risk 0.31 · cvss 4.8 · epss 0.01

    plugins/box/pages/pages.admin.php in Monstra CMS 3.0.4 has a stored XSS vulnerability when an attacker has access to the editor role, and enters the payload in the title section of an admin/index.php?id=pages&action=edit_page&name=error404 (aka Edit 404 page) action.

  • CVE-2025-69906 · Feb 5, 2026
    risk 0.00 · cvss (none listed) · epss 0.01

    Monstra CMS v3.0.4 contains an arbitrary file upload vulnerability in the Files Manager plugin. The application relies on blacklist-based file extension validation and stores uploaded files directly in a web-accessible directory. Under typical server configurations, this can…

  • CVE-2018-6550 · Medium · Feb 2, 2018
    risk 0.00 · cvss 5.4 · epss 0.01

    Monstra CMS through 3.0.4 has XSS in the title function in plugins/box/pages/pages.plugin.php via a page title to admin/index.php.

  • CVE-2014-9006 · Nov 20, 2014
    risk 0.00 · cvss (none listed) · epss 0.02

    Monstra 3.0.1 and earlier uses a cookie to track how many login attempts have been attempted, which allows remote attackers to conduct brute force login attacks by deleting the login_attempts cookie or setting it to certain values.