Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2018-16608

In Monstra CMS 3.0.4, an attacker with 'Editor' privileges can change the password of the administrator via an admin/index.php?id=users&action=edit&user_id=1, Insecure Direct Object Reference (IDOR).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.4%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 4.0
Products affected by CVE-2018-16608
  • Monstra » Monstra » Version: 3.0.4
    cpe:2.3:a:monstra:monstra:3.0.4


Contact Us

Shodan ® - All rights reserved