S4E

CVE-2018-16979 Scanner

Detects 'HTTP Header Injection' vulnerability in Monstra CMS affects v. 3.0.4.

SCAN NOW

Short Info


Level

Medium

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 second

Time Interval

1 month

Scan only one

Url

Toolbox

-

Monstra CMS is an open-source content management system that is widely used by website developers across the globe. It provides a user-friendly interface and is easily customizable, making it an ideal platform for businesses, bloggers and individuals looking to create a web presence. Its robust features include, but are not limited to, built-in SEO optimization, customizable themes and plugins, and a powerful image editor.

CVE-2018-16979 is a vulnerability in Monstra CMS that was detected in version 3.0.4. The vulnerability exists in the plugins/captcha/crypt/cryptographp.php cfg parameter, which can be exploited by an attacker to inject arbitrary HTTP headers. This can lead to a range of attacks, including cross-site scripting, remote code execution, and denial-of-service attacks.

When exploited, this vulnerability can allow an attacker to gain control over a website and steal sensitive information, including passwords, credit card details, and other personally identifiable information. The exploitation of this vulnerability can be particularly dangerous for businesses handling sensitive data.

At s4e.io, we offer a range of security solutions designed to help website owners and businesses stay ahead of the latest threats. Using our pro features, you can easily and quickly learn about vulnerabilities in your digital assets and take proactive steps to protect your website and data. Our expert team of security professionals is dedicated to ensuring your online safety and peace of mind.

 

REFERENCES

Get started to protecting your Free Full Security Scan