CVE-2020-25414

Critical

A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4 which allows remote attackers to execute…

mitre·CWE-829·Published 2021-06-17

CVSS

9.8

EPSS

0.02

KEV

Exploits

cve.orgen

153 chars

A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4 which allows remote attackers to execute arbitrary PHP code.

NVDen

153 chars

A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4 which allows remote attackers to execute arbitrary PHP code.

Se ha detectado una vulnerabilidad de inclusión de archivos locales en la función captcha en Monstra versión 3.0.4 que permite a atacantes remotos ejecutar código PHP arbitrario

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H