Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 16/04/2018 Updated: 07/03/2019

CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8

CVSS v3 Base Score: 4.8 | Impact Score: 2.7 | Exploitability Score: 1.7

VMScore: 355

Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

Monstra CMS 3.0.4 has Stored XSS via the Name field on the Create New Page screen under the admin/index.php?id=pages URI, related to plugins/box/pages/pages.admin.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
monstra monstra 3.0.4

# Title: Monstra CMS < 304 - Cross-Site Scripting # Date: 2018-06-07 # Author: DEEPIN2 # Software: Monstra CMS # Version: 304 and earlier # This automation code requires Python3 # You must intercept the first request through the proxy tool to verify the CSRF token import requests import re def runXSS(target, cookie, data): exploit = requ ...

exploit tool of CVE-2018-10118

CVE-2018-10118 exploit tool of CVE-2018-10118

CWE-79 https://github.com/monstra-cms/monstra/issues/436 https://www.exploit-db.com/exploits/44855/https://nvd.nist.gov https://github.com/GeunSam2/CVE-2018-10118 https://www.exploit-db.com/exploits/44855/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-10118

Vulnerability Summary

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect