48 matches found
EUVD-2020-17580
Malware in sbrugna...
EUVD-2020-21619
Malware in sbrugna...
CVE-2024-24520
An issue in Lepton CMS v.7.0.0 allows a local attacker to execute arbitrary code via the upgrade.php file in the languages place...
CVE-2020-24872
Cross Site Scripting XSS vulnerability in backend/pages/modify.php in Lepton-CMS version 4.7.0, allows remote attackers to execute arbitrary code...
CVE-2020-29240
Lepton-CMS 4.7.0 is affected by cross-site scripting XSS. An attacker can inject the XSS payload in the URL field of the admin page and each time an admin visits the Menu-Pages-Pages Overview section, the XSS will be triggered...
CVE-2024-24520
An issue in Lepton CMS v.7.0.0 allows a local attacker to execute arbitrary code via the upgrade.php file in the languages place...
CVE-2024-24520
An issue in Lepton CMS v.7.0.0 allows a local attacker to execute arbitrary code via the upgrade.php file in the languages place...
CVE-2024-24520
An issue in Lepton CMS v.7.0.0 allows a local attacker to execute arbitrary code via the upgrade.php file in the languages place...
CVE-2024-24520
An issue in Lepton CMS v.7.0.0 allows a local attacker to execute arbitrary code via the upgrade.php file in the languages place...
PT-2024-20433 · Leptoncms · Leptoncms
Name of the Vulnerable Software and Affected Versions: Lepton CMS version 7.0.0 Description: An issue in Lepton CMS allows a local attacker to execute arbitrary code via the upgrade.php file in the languages place. Recommendations: For Lepton CMS version 7.0.0, consider restricting access to the...
CVE-2024-24520
CVE-2024-24520 affects Lepton CMS v7.0.0. The issue is a local arbitrary-code execution via the upgrade.php file in the languages place, enabling a local attacker to compromise the system. According to Red Hat and CNNVD records, the vulnerability exists in Lepton CMS 7.0.0. The Red Hat entry and ...
Lepton CMS 7.0.0 Remote Code Execution Vulnerability
Exploit Title: LeptonCMS Version : 7.0.0 Remote Code Execution Exploit Author: tmrswrr Category: Webapps Vendor Homepage: https://www.lepton-cms.com/ Version : 7.0.0 Tested on: https://www.softaculous.com/apps/cms/LEPTON 1 Login with admin cred https://127.0.0.1/LEPTON/backend/login/index.php 2 G...
CVE-2020-24872
Cross Site Scripting XSS vulnerability in backend/pages/modify.php in Lepton-CMS version 4.7.0, allows remote attackers to execute arbitrary code...
CVE-2020-24872
Cross Site Scripting XSS vulnerability in backend/pages/modify.php in Lepton-CMS version 4.7.0, allows remote attackers to execute arbitrary code...
Cross site scripting
Cross Site Scripting XSS vulnerability in backend/pages/modify.php in Lepton-CMS version 4.7.0, allows remote attackers to execute arbitrary code...
CVE-2020-24872
CVE-2020-24872 is a cross-site scripting vulnerability in Lepton-CMS 4.7.0, stemming from lack of proper filtering/escaping in backend/pages/modify.php. The issue allows remote attackers to inject and execute arbitrary web scripts or HTML when a user views or submits crafted data, with the CVSS i...
CVE-2020-24872
Cross Site Scripting XSS vulnerability in backend/pages/modify.php in Lepton-CMS version 4.7.0, allows remote attackers to execute arbitrary code...
CVE-2020-24872
Cross Site Scripting XSS vulnerability in backend/pages/modify.php in Lepton-CMS version 4.7.0, allows remote attackers to execute arbitrary code...
CVE-2020-29240
Lepton-CMS 4.7.0 is affected by cross-site scripting XSS. An attacker can inject the XSS payload in the URL field of the admin page and each time an admin visits the Menu-Pages-Pages Overview section, the XSS will be triggered...
CVE-2020-29240
Lepton-CMS 4.7.0 is affected by cross-site scripting XSS. An attacker can inject the XSS payload in the URL field of the admin page and each time an admin visits the Menu-Pages-Pages Overview section, the XSS will be triggered...