CVE-2018-16979

Monstra CMS V3.0.4 allows HTTP header injection in the plugins/captcha/crypt/cryptographp.php cfg parameter, a related issue to…

mitre·CWE-113·Published 2018-09-12

CVSS

—

EPSS

0.03

KEV

Exploits

cve.orgen

142 chars

Monstra CMS V3.0.4 allows HTTP header injection in the plugins/captcha/crypt/cryptographp.php cfg parameter, a related issue to CVE-2012-2943.

NVDen

142 chars

Monstra CMS V3.0.4 allows HTTP header injection in the plugins/captcha/crypt/cryptographp.php cfg parameter, a related issue to CVE-2012-2943.

NVDes

170 chars

Monstra CMS V3.0.4 permite la inyección de cabeceras HTTP en el parámetro cfg en plugins/captcha/crypt/cryptographp.php. Este problema está relacionado con CVE-2012-2943.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.8	8.6	4.9	AV:N/AC:M/Au:N/C:P/I:P/A:N
3.0	Primary	NVD	6.1	2.8	2.7	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N