Remote Code Execution in Monstra CMS 3.0.4 via Zip File Upload

CVE-2018-9037 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Monstra CMS 3.0.4 allows remote code execution via an upload_file request for a .zip file, which is automatically extracted and may contain .php files.

Learn more about our Cms Pen Testing.