{"uuid": "2779132c-7d59-463f-a2fa-b016479a5382", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-18048", "type": "seen", "source": "https://t.me/VulnerabilityNews/14804", "content": "Monstra CMS 3.0.4 allows remote authenticated users to upload and execute arbitrary PHP code via admin/index.php?id=filesmanager because, for example, .php filenames are blocked but .php7 filenames are not, a related issue to CVE-2017-18048.\nPublished at: May 22, 2020 at 07:15AM\nView on website", "creation_timestamp": "2020-05-27T07:46:37.000000Z"}