Search Results | AttackerKB

4 Total Results

Displaying 1-4 of 4

Attacker Value

Unknown

CVE-2020-12470

Disclosure Date: April 29, 2020 (last updated February 21, 2025)

MonoX through 5.1.40.5152 allows administrators to execute arbitrary code by modifying an ASPX template.

Attacker Value

Unknown

CVE-2020-12471

Disclosure Date: April 29, 2020 (last updated February 21, 2025)

MonoX through 5.1.40.5152 allows remote code execution via HTML5Upload.ashx or Pages/SocialNetworking/lng/en-US/PhotoGallery.aspx because of deserialization in ModuleGallery.HTML5Upload, ModuleGallery.SilverLightUploadModule, HTML5Upload, and SilverLightUploadHandler.

Attack Vector: Network Privileges: None User Interaction: None

Attacker Value

Unknown

CVE-2020-12473

Disclosure Date: April 29, 2020 (last updated November 27, 2024)

MonoX through 5.1.40.5152 allows admins to execute arbitrary programs by reconfiguring the Converter Executable setting from ffmpeg.exe to a different program.

Attack Vector: Network Privileges: High User Interaction: None

Attacker Value

Unknown

CVE-2020-12472

Disclosure Date: April 29, 2020 (last updated February 21, 2025)

MonoX through 5.1.40.5152 allows stored XSS via User Status, Blog Comments, or Blog Description.

Attack Vector: Network Privileges: Low User Interaction: Required

4 Total Results

Displaying 1-4 of 4

Unknown

CVE-2020-12470

Unknown

CVE-2020-12471

Unknown

CVE-2020-12473

Unknown

CVE-2020-12472

Quick Cookie Notification