3 matches found
CVE-2012-0998
LEPTON CVE-2012-0998 is a Local File Inclusion vulnerability in the account/preferences.php flow. Input passed via the language parameter is saved into the session and later used by include(), enabling an attacker to traverse directories and include local files. Affected product/version: LEPTON p...
LEPTON 1.1.3 SQL Injection / XSS / Local File Inclusion
Exploit for php platform in category web applications Vendor: LEPTON Project Vulnerable Versions: 1.1.3 and probably prior Tested Version: 1.1.3 Vendor Notification: 25 January 2012 Vendor Patch: 4 February 2012 Public Disclosure: 15 February 2012 Vulnerability Type: Local File Inclusion, SQL...
Multiple vulnerabilities in LEPTON
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in LEPTON, which can be exploited to perform Local File Inclusion, Cross Site Scripting and SQL Injection attacks. 1 Local File Inclusion in LEPTON: CVE-2012-0998 Input passed via the "language" POST parameter to...