An arbitrary file upload vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary code via uploading a crafted PHP file.
References
Link | Resource |
---|---|
https://github.com/OoLs5/VulDiscovery/blob/main/poc.docx | Exploit |
https://github.com/OoLs5/VulDiscovery/blob/main/poc.docx | Exploit |
Configurations
History
21 Nov 2024, 09:22
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/OoLs5/VulDiscovery/blob/main/poc.docx - Exploit |
16 Jul 2024, 14:22
Type | Values Removed | Values Added |
---|---|---|
First Time |
Monstra
Monstra monstra |
|
CWE | CWE-434 | |
CPE | cpe:2.3:a:monstra:monstra:3.0.4:*:*:*:*:*:*:* | |
References | () https://github.com/OoLs5/VulDiscovery/blob/main/poc.docx - Exploit | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.2 |
07 Jun 2024, 14:56
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
06 Jun 2024, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-06-06 22:15
Updated : 2024-11-21 09:22
NVD link : CVE-2024-36774
Mitre link : CVE-2024-36774
CVE.ORG link : CVE-2024-36774
JSON object : View
Products Affected
monstra
- monstra
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type