Vulnerabilities > Mono
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-04-29 | CVE-2020-12471 | Deserialization of Untrusted Data vulnerability in Mono Monox 5.1.40.5152 MonoX through 5.1.40.5152 allows remote code execution via HTML5Upload.ashx or Pages/SocialNetworking/lng/en-US/PhotoGallery.aspx because of deserialization in ModuleGallery.HTML5Upload, ModuleGallery.SilverLightUploadModule, HTML5Upload, and SilverLightUploadHandler. | 9.8 |
2020-04-29 | CVE-2020-12470 | Files or Directories Accessible to External Parties vulnerability in Mono Monox 5.1.40.5152 MonoX through 5.1.40.5152 allows administrators to execute arbitrary code by modifying an ASPX template. | 7.2 |
2020-04-29 | CVE-2020-12473 | Unspecified vulnerability in Mono Monox 5.1.40.5152 MonoX through 5.1.40.5152 allows admins to execute arbitrary programs by reconfiguring the Converter Executable setting from ffmpeg.exe to a different program. | 7.2 |
2020-04-29 | CVE-2020-12472 | Cross-site Scripting vulnerability in Mono Monox 5.1.40.5152 MonoX through 5.1.40.5152 allows stored XSS via User Status, Blog Comments, or Blog Description. | 5.4 |