Exploit-DB, EDB-ID: 44621
May 14, 2018 - 12:00 a.m.

Monstra CMS 3.0.4 - Remote Code Execution

Source: Exploit-DB (www.exploit-db.com), 2018-05-14 00:00:00

EPSS: 0.003 (percentile: 71.6%)

Monstra CMS 3.0.4 - Remote Code Execution. CVE-2018-9037. Webapps exploit for PHP platform

# Exploit Title: Monstra CMS 3.0.4 Upload Plugin Remote code execution CVE-2018-9037
# Date: 2018-05-14
# Exploit Author: Jameel Nabbo
# Vendor Homepage: https://github.com/monstra-cms/monstra
# Software Link: https://github.com/monstra-cms/monstra
# Version: 3.0.4
# Tested on: MAC OSX
# CVE: CVE-2018-9037


Monstra CMS 3.0.4 allows remote code execution via an upload_file request for a .zip file,
which is automatically extracted and may contain .php files.


Steps to Reproduce
1: Log in as a user with page editing permissions
2: Upload a plugin archive containing PHP webshell code
3: After successful upload we can execute the command.

Then go to: http://127.0.0.1/plugins/{Name_Of_Zip_File_You_Uploaded}/{File_In_Zip}.php

Solution
Filter plugin content during plugin upload
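
One way to apply the solution above, shown as an added example in PHP (not Monstra's code and not from the advisory author): list the archive's entries before extraction and refuse the upload if any entry is a PHP-handled file or would be written outside the plugin directory. The function name `find_unsafe_zip_entries` and the extension blocklist are assumptions.

```php
<?php
// Added example, not Monstra code. The function name and the blocklist are assumptions.

/** Returns the reasons an uploaded archive must not be extracted; empty array = acceptable. */
function find_unsafe_zip_entries(string $zipPath): array
{
    // Extensions commonly mapped to the PHP handler (assumed list; align with server config).
    $blocked = ['php', 'php3', 'php4', 'php5', 'php7', 'phtml', 'phar', 'pht', 'phps'];
    $problems = [];

    $zip = new ZipArchive();
    if ($zip->open($zipPath) !== true) {
        return ['archive could not be opened'];
    }
    for ($i = 0; $i < $zip->numFiles; $i++) {
        $name = $zip->getNameIndex($i);
        if ($name === false) {
            $problems[] = "entry $i: unreadable name";
            continue;
        }
        $path = str_replace('\\', '/', $name);
        // Absolute paths, drive letters or ".." segments would land outside the target directory.
        if (preg_match('#^(/|[A-Za-z]:)|(^|/)\.\.(/|$)#', $path)) {
            $problems[] = "$name: path escapes the extraction directory";
        }
        $base = strtolower(basename($path));
        // Check every extension segment, so "x.php.txt" and "X.PHP" are caught too.
        $segments = array_slice(explode('.', $base), 1);
        if (array_intersect($segments, $blocked) || $base === '.htaccess') {
            $problems[] = "$name: server-executable or handler-changing file";
        }
    }
    $zip->close();
    return $problems;
}

// Constructed sample archive, built in a temp file so the check can be run offline.
$tmp = tempnam(sys_get_temp_dir(), 'zip');
$sample = new ZipArchive();
$sample->open($tmp, ZipArchive::OVERWRITE);
$sample->addFromString('demo/readme.txt', 'docs');
$sample->addFromString('demo/view.PHP', 'placeholder');
$sample->addFromString('../outside.txt', 'placeholder');
$sample->close();
print_r(find_unsafe_zip_entries($tmp)); // extract only when this array is empty
unlink($tmp);
```

A blocklist is the weaker form of this check; where the upload feature only needs static assets, an allowlist of permitted extensions is stricter.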
