Security Advisory

CVE-2018-16608

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-09-10 13:00:00

Last updated 2024-08-05 10:32:52

Assigner mitre

State PUBLISHED

Description

In Monstra CMS 3.0.4, an attacker with Editor privileges can change the password of the administrator via an admin/index.php?id=users&action=edit&user_id=1, Insecure Direct Object Reference (IDOR).

← Browse all CVEs View on cve.org ↗