Description
MonoCMS Blog 1.0 is affected by: Arbitrary File Deletion. Any authenticated user can delete files on and off the webserver (php files can be unlinked and not deleted).
Exploits (1)
exploitdb
WORKING POC
by Shahrukh Iqbal Mirza · textwebappsphp
https://www.exploit-db.com/exploits/48848
Scores
CVSS v3
8.1
EPSS
0.0357
EPSS Percentile
87.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Details
CWE
CWE-22
Status
published
Products (1)
monocms/monocms
1.0
Published
Oct 07, 2020
Tracked Since
Feb 18, 2026