59 matches found
CVE-2026-29934
A reflected cross-site scripting XSS vulnerability in the /admin/menus component of Lightcms v2.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via modifying the referer value in the request header...
EUVD-2026-16211
A reflected cross-site scripting XSS vulnerability in the /admin/menus component of Lightcms v2.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via modifying the referer value in the request header...
CVE-2026-29934
A reflected cross-site scripting XSS vulnerability in the /admin/menus component of Lightcms v2.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via modifying the referer value in the request header...
CVE-2026-29934
CVE-2026-29934 describes a reflected XSS in Lightcms v2.0, specifically the /admin/menus component. An attacker can inject arbitrary JavaScript by manipulating the Referer header in requests, causing the payload to execute in the user’s browser context. Public notes across multiple feeds corrobor...
Jianhua Sun LightCMS 安全漏洞
Jianhua Sun LightCMS is an open-source application developed by Jianhua Sun. It provides a lightweight CMS system and can also be used as a general-purpose backend management framework. The Jianhua Sun LightCMS v2.0 version has a security vulnerability, which stems from a reflection-type XSS...
CVE-2026-29934
A reflected cross-site scripting XSS vulnerability in the /admin/menus component of Lightcms v2.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via modifying the referer value in the request header...
CVE-2026-29934
A reflected cross-site scripting XSS vulnerability in the /admin/menus component of Lightcms v2.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via modifying the referer value in the request header...
CVE-2026-29934
A reflected cross-site scripting XSS vulnerability in the /admin/menus component of Lightcms v2.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via modifying the referer value in the request header...
PT-2026-28391
Name of the Vulnerable Software and Affected Versions Lightcms version 2.0 Description A reflected cross-site scripting XSS issue exists in the /admin/menus component. This allows attackers to execute arbitrary Javascript within a user's browser by altering the referer value in the request header...
CVE-2021-27112
LightCMS v1.3.5 contains a remote code execution vulnerability in /app/Http/Controllers/Admin/NEditorController.php during the downloading of external images...
CVE-2022-33009
A stored cross-site scripting XSS vulnerability in LightCMS v1.3.11 allows attackers to execute arbitrary web scripts or HTML via uploading a crafted PDF file...
EUVD-2021-26686
Malware in sbrugna...
EUVD-2021-13882
Malware in sbrugna...
EUVD-2023-30849
Malicious code in bioql PyPI...
EUVD-2022-36068
Malicious code in bioql PyPI...
CVE-2024-22559
LightCMS v2.0 is vulnerable to Cross Site Scripting XSS in the Content Management - Articles field...
CVE-2023-27060
LightCMS v1.3.7 was discovered to contain a remote code execution RCE vulnerability via the image:make function...
CVE-2021-3355
A stored-self XSS exists in LightCMS v1.3.4, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/SensitiveWords...
CVE-2024-22559
LightCMS v2.0 is vulnerable to Cross Site Scripting XSS in the Content Management - Articles field...
CVE-2024-22559
LightCMS v2.0 is vulnerable to Cross Site Scripting XSS in the Content Management - Articles field...