High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-09	CVE-2020-13978	OS Command Injection vulnerability in Monstra CMS 3.0.4 Monstra CMS 3.0.4 allows an attacker, who already has administrative access to modify .chunk.php files on the Edit Chunk screen, to execute arbitrary OS commands via the Theme Module by visiting the admin/index.php?id=themes&action=edit_chunk URI. network low complexity monstra CWE-78	7.2

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.