{"vulnerability": "cve-2017-18048", "sightings": [{"uuid": "b8305a42-585f-4043-89e3-5e497a17a115", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-18048", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:43.000000Z"}, {"uuid": "a845ebc9-807f-457d-8265-e4270ec48b70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-18048", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:09:56.000000Z"}, {"uuid": "584e0fa2-b888-4a24-b8eb-5a9ae1ec09c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-18048", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/monstra_fileupload_exec.rb", "content": "", "creation_timestamp": "2018-07-10T19:43:02.000000Z"}, {"uuid": "2779132c-7d59-463f-a2fa-b016479a5382", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-18048", "type": "seen", "source": "https://t.me/VulnerabilityNews/14804", "content": "Monstra CMS 3.0.4 allows remote authenticated users to upload and execute arbitrary PHP code via admin/index.php?id=filesmanager because, for example, .php filenames are blocked but .php7 filenames are not, a related issue to CVE-2017-18048.\nPublished at: May 22, 2020 at 07:15AM\nView on website", "creation_timestamp": "2020-05-27T07:46:37.000000Z"}, {"uuid": "8ac982a2-92a3-4522-b951-3be4d08611e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-18048", "type": "seen", "source": "https://t.me/cibsecurity/12304", "content": "ATENTION\u203c New - CVE-2020-13384 (monstra)\n\nMonstra CMS 3.0.4 allows remote authenticated users to upload and execute arbitrary PHP code via admin/index.php?id=filesmanager because, for example, .php filenames are blocked but .php7 filenames are not, a related issue to CVE-2017-18048.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-05-27T07:55:39.000000Z"}]}