CVE-2018-9037

Publication date

2018-04-10 18:00:00

Family

mitre

State

PUBLISHED

Description

Monstra CMS 3.0.4 allows remote code execution via an upload_file request for a .zip file, which is automatically extracted and may contain .php files.