CVE-2018-16608
CVE-2018-16608
In Monstra CMS 3.0.4, an attacker with 'Editor' privileges can change the password of the administrator via an admin/index.php?id=users&action=edit&user_id=1, Insecure Direct Object Reference (IDOR).
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →