Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
monocms monocms 1.0 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2020-25986
A Cross Site Request Forgery (CSRF) vulnerability in MonoCMS Blog 1.0 allows malicious users to change the password of a user.
Monocms Monocms 1.0
7.2
CVSSv3
CVE-2020-28672
MonoCMS Blog 1.0 is affected by incorrect access control that can lead to remote arbitrary code execution. At monofiles/category.php:27, user input can be saved to category/[foldername]/index.php causing RCE.
Monocms Monocms 1.0
8.1
CVSSv3
CVE-2020-25985
MonoCMS Blog 1.0 is affected by: Arbitrary File Deletion. Any authenticated user can delete files on and off the webserver (php files can be unlinked and not deleted).
Monocms Monocms 1.0
7.5
CVSSv3
CVE-2020-25987
MonoCMS Blog 1.0 stores hard-coded admin hashes in the log.xml file in the source files for MonoCMS Blog. Hash type is bcrypt and hashcat mode 3200 can be used to crack the hash.
Monocms Monocms 1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started