CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-36773

A cross-site scripting (XSS) vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Themes parameter at index.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 16.0%

CVSS Severity

CVSS v3 Score 4.8

References

https://github.com/OoLs5/VulDiscovery/blob/main/cve-2024-36773.md
https://github.com/OoLs5/VulDiscovery/blob/main/cve-2024-36773.md

Products affected by CVE-2024-36773

Monstra » Monstra » Version: 2.2.0

cpe:2.3:a:monstra:monstra:2.2.0
Monstra » Monstra » Version: 2.2.1

cpe:2.3:a:monstra:monstra:2.2.1
Monstra » Monstra » Version: 2.3.0

cpe:2.3:a:monstra:monstra:2.3.0
Monstra » Monstra » Version: 2.3.1

cpe:2.3:a:monstra:monstra:2.3.1
Monstra » Monstra » Version: 3.0.0

cpe:2.3:a:monstra:monstra:3.0.0
Monstra » Monstra » Version: 3.0.2

cpe:2.3:a:monstra:monstra:3.0.2
Monstra » Monstra » Version: 3.0.3

cpe:2.3:a:monstra:monstra:3.0.3
Monstra » Monstra » Version: 3.0.4

cpe:2.3:a:monstra:monstra:3.0.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-36773

Products

Pricing

Contact Us