Lucene search
K

59 matches found

Check Point Advisories
Check Point Advisories
added 2021/04/25 12:0 a.m.4 views

LightCMS Remote Code execution (CVE-2021-27112)

A remote code execution vulnerability exists in LightCMS. Successful exploitation of this vulnerability could allow remote attackers to execute arbitrary code on the affected system...

7.5CVSS7.2AI score0.02423EPSS
Exploits1
CNVD
CNVD
added 2021/04/21 12:0 a.m.3 views

Arbitrary File Read Vulnerability in LightCMS

LightCMS is a lightweight content management system CMS that can also be used as a general-purpose back-office management framework. An arbitrary file read vulnerability exists in LightCMS, which can be exploited by an attacker to read arbitrary files...

7AI score
Exploits0
CNVD
CNVD
added 2021/04/16 12:0 a.m.8 views

LightCMS Remote Code Execution Vulnerability

LightCMS is a lightweight content management system CMS that can also be used as a general-purpose back-office management framework. A remote code execution vulnerability exists in /app/Http/Controllers/Admin/NEditorController.php in LightCMS v1.3.5 during external image download. An attacker can...

9.8CVSS7.8AI score0.02423EPSS
Exploits1References1
NVD
NVD
added 2021/04/15 4:15 p.m.11 views

CVE-2021-27112

LightCMS v1.3.5 contains a remote code execution vulnerability in /app/Http/Controllers/Admin/NEditorController.php during the downloading of external images...

9.8CVSS0.02423EPSS
Exploits1References1
OSV
OSV
added 2021/04/15 4:15 p.m.10 views

CVE-2021-27112

LightCMS v1.3.5 contains a remote code execution vulnerability in /app/Http/Controllers/Admin/NEditorController.php during the downloading of external images...

9.8CVSS7.8AI score
Exploits0References1
Prion
Prion
added 2021/04/15 4:15 p.m.18 views

Remote code execution

LightCMS v1.3.5 contains a remote code execution vulnerability in /app/Http/Controllers/Admin/NEditorController.php during the downloading of external images...

7.5CVSS9.6AI score0.02423EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/04/15 3:5 p.m.21 views

CVE-2021-27112

LightCMS v1.3.5 contains a remote code execution vulnerability in /app/Http/Controllers/Admin/NEditorController.php during the downloading of external images...

9.9AI score0.02423EPSS
Exploits1References1
CVE
CVE
added 2021/04/15 3:5 p.m.42 views

CVE-2021-27112

LightCMS v1.3.5 is affected by a remote code execution vulnerability in /app/Http/Controllers/Admin/NEditorController.php during external image download. The issue enables arbitrary code execution on successful exploitation, with no exploitation details provided in the sources. Affected product: ...

9.8CVSS9.7AI score0.02423EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/04/15 12:0 a.m.5 views

Jianhua Sun LightCMS 安全漏洞

LightCMS is a lightweight content management system CMS that can also be used as a general-purpose back-office management framework. A remote code execution vulnerability exists in /app/Http/Controllers/Admin/NEditorController.php in LightCMS v1.3.5 during external image download. An attacker can...

9.8CVSS6.7AI score0.02423EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2021/02/26 12:0 a.m.194 views

LightCMS 1.3.4 Cross Site Scripting

Exploit Title: LightCMS 1.3.4 - 'exclusive' Stored XSS Date: 25/02/2021 Exploit Author: Peithon Vendor Homepage: https://github.com/eddy8/LightCMS Software Link: https://github.com/eddy8/LightCMS/releases/tag/v1.3.4 Version: 1.3.4 Tested on: latest version of Chrome, Firefox on Windows and Linux...

5.6AI score0.0725EPSS
Exploits4
0day.today
0day.today
added 2021/02/26 12:0 a.m.31 views

LightCMS 1.3.4 - (exclusive) Stored XSS Vulnerability

Exploit Title: LightCMS 1.3.4 - 'exclusive' Stored XSS Exploit Author: Peithon Vendor Homepage: https://github.com/eddy8/LightCMS Software Link: https://github.com/eddy8/LightCMS/releases/tag/v1.3.4 Version: 1.3.4 Tested on: latest version of Chrome, Firefox on Windows and Linux CVE: CVE-2021-335...

5.4CVSS0.1AI score0.0725EPSS
Exploits4
CNVD
CNVD
added 2021/02/26 12:0 a.m.8 views

LightCMS Cross-Site Scripting Vulnerability

LightCMS is a lightweight content management system CMS that can also be used as a general-purpose back-office management framework. A cross-site scripting vulnerability exists in LightCMS v1.3.4 that allows an attacker to execute HTML or JavaScript code to manage sensitive words in a vulnerable...

5.4CVSS6AI score0.0725EPSS
Exploits4References1
Exploit DB
Exploit DB
added 2021/02/26 12:0 a.m.179 views

LightCMS 1.3.4 - 'exclusive' Stored XSS

Exploit Title: LightCMS 1.3.4 - 'exclusive' Stored XSS Date: 25/02/2021 Exploit Author: Peithon Vendor Homepage: https://github.com/eddy8/LightCMS Software Link: https://github.com/eddy8/LightCMS/releases/tag/v1.3.4 Version: 1.3.4 Tested on: latest version of Chrome, Firefox on Windows and Linux...

5.4CVSS5.5AI score0.0725EPSS
Exploits4
NVD
NVD
added 2021/02/24 3:15 p.m.29 views

CVE-2021-3355

A stored-self XSS exists in LightCMS v1.3.4, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/SensitiveWords...

5.4CVSS0.0725EPSS
Exploits4References4
OSV
OSV
added 2021/02/24 3:15 p.m.10 views

CVE-2021-3355

A stored-self XSS exists in LightCMS v1.3.4, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/SensitiveWords...

5.4CVSS6AI score
Exploits0References4
Prion
Prion
added 2021/02/24 3:15 p.m.12 views

Cross site scripting

A stored-self XSS exists in LightCMS v1.3.4, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/SensitiveWords...

3.5CVSS5.3AI score0.0725EPSS
Exploits4References4Affected Software1
Cvelist
Cvelist
added 2021/02/24 3:0 p.m.36 views

CVE-2021-3355

A stored-self XSS exists in LightCMS v1.3.4, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/SensitiveWords...

5.5AI score0.0725EPSS
Exploits4References4
CVE
CVE
added 2021/02/24 3:0 p.m.72 views

CVE-2021-3355

LightCMS v1.3.4 contains a stored-self XSS in the Title field used for Sensitive Words (to /admin/SensitiveWords). Exploitation involves injecting HTML/JavaScript into the vulnerable title, with PoC payloads available (e.g., from Exploit-DB). The issue is confirmed across multiple sources (NVD, C...

5.4CVSS5.3AI score0.0725EPSS
Exploits4References4Affected Software1
CNNVD
CNNVD
added 2021/02/24 12:0 a.m.5 views

LightCMS v跨站脚本漏洞

LightCMS is a lightweight content management system CMS that can also be used as a general-purpose back-office management framework. A cross-site scripting vulnerability exists in LightCMS v1.3.4 that allows an attacker to execute HTML or JavaScript code to manage sensitive words in a vulnerable...

5.4CVSS6AI score0.0725EPSS
Exploits4References7
Rows per page
Query Builder