Filtered by vendor Monstra
Subscriptions
Total
42 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2021-40940 | 1 Monstra | 1 Monstra | 2024-08-04 | 9.8 Critical |
Monstra 3.0.4 does not filter the case of php, which leads to an unrestricted file upload vulnerability. | ||||
CVE-2021-36548 | 1 Monstra | 1 Monstra | 2024-08-04 | 9.8 Critical |
A remote code execution (RCE) vulnerability in the component /admin/index.php?id=themes&action=edit_template&filename=blog of Monstra v3.0.4 allows attackers to execute arbitrary commands via a crafted PHP file. |