Описание
Monstra CMS 3.0.4 allows attackers to execute arbitrary code via a crafted payload entered into the "Snippet content" field under the "Edit Snippet" module.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:monstra:monstra_cms:3.0.4:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.01025
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-94
Связанные уязвимости
CVSS3: 8.8
github
больше 3 лет назад
Monstra CMS 3.0.4 allows attackers to execute arbitrary code via a crafted payload entered into the "Snippet content" field under the "Edit Snippet" module.
EPSS
Процентиль: 77%
0.01025
Низкий
8.8 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-94