Mono Monox vulnerabilities
4 known vulnerabilities affecting mono/monox.
Total CVEs
4
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2020-12471P2CRITICALCVSS 9.8≤ 5.1.40.51522020-04-29
CVE-2020-12471 [CRITICAL] CWE-502 CVE-2020-12471: MonoX through 5.1.40.5152 allows remote code execution via HTML5Upload.ashx or Pages/SocialNetworkin
MonoX through 5.1.40.5152 allows remote code execution via HTML5Upload.ashx or Pages/SocialNetworking/lng/en-US/PhotoGallery.aspx because of deserialization in ModuleGallery.HTML5Upload, ModuleGallery.SilverLightUploadModule, HTML5Upload, and SilverLightUploadHandler.
nvd
CVE-2020-12470P3HIGHCVSS 7.2≤ 5.1.40.51522020-04-29
CVE-2020-12470 [HIGH] CWE-552 CVE-2020-12470: MonoX through 5.1.40.5152 allows administrators to execute arbitrary code by modifying an ASPX templ
MonoX through 5.1.40.5152 allows administrators to execute arbitrary code by modifying an ASPX template.
nvd
CVE-2020-12473P3HIGHCVSS 7.2≤ 5.1.40.51522020-04-29
CVE-2020-12473 [HIGH] CVE-2020-12473: MonoX through 5.1.40.5152 allows admins to execute arbitrary programs by reconfiguring the Converter
MonoX through 5.1.40.5152 allows admins to execute arbitrary programs by reconfiguring the Converter Executable setting from ffmpeg.exe to a different program.
nvd
CVE-2020-12472P4MEDIUMCVSS 5.4≤ 5.1.40.51522020-04-29
CVE-2020-12472 [MEDIUM] CWE-79 CVE-2020-12472: MonoX through 5.1.40.5152 allows stored XSS via User Status, Blog Comments, or Blog Description.
MonoX through 5.1.40.5152 allows stored XSS via User Status, Blog Comments, or Blog Description.
nvd