48 matches found
EUVD-2020-17580
Malware in sbrugna...
EUVD-2020-21619
Malware in sbrugna...
CVE-2024-24520
An issue in Lepton CMS v.7.0.0 allows a local attacker to execute arbitrary code via the upgrade.php file in the languages place...
CVE-2020-24872
Cross Site Scripting XSS vulnerability in backend/pages/modify.php in Lepton-CMS version 4.7.0, allows remote attackers to execute arbitrary code...
CVE-2020-29240
Lepton-CMS 4.7.0 is affected by cross-site scripting XSS. An attacker can inject the XSS payload in the URL field of the admin page and each time an admin visits the Menu-Pages-Pages Overview section, the XSS will be triggered...
CVE-2024-24520
An issue in Lepton CMS v.7.0.0 allows a local attacker to execute arbitrary code via the upgrade.php file in the languages place...
CVE-2024-24520
An issue in Lepton CMS v.7.0.0 allows a local attacker to execute arbitrary code via the upgrade.php file in the languages place...
PT-2024-20433 · Leptoncms · Leptoncms
Name of the Vulnerable Software and Affected Versions: Lepton CMS version 7.0.0 Description: An issue in Lepton CMS allows a local attacker to execute arbitrary code via the upgrade.php file in the languages place. Recommendations: For Lepton CMS version 7.0.0, consider restricting access to the...
CVE-2024-24520
An issue in Lepton CMS v.7.0.0 allows a local attacker to execute arbitrary code via the upgrade.php file in the languages place...
CVE-2024-24520
CVE-2024-24520 affects Lepton CMS v7.0.0. The issue is a local arbitrary-code execution via the upgrade.php file in the languages place, enabling a local attacker to compromise the system. According to Red Hat and CNNVD records, the vulnerability exists in Lepton CMS 7.0.0. The Red Hat entry and ...
CVE-2024-24520
An issue in Lepton CMS v.7.0.0 allows a local attacker to execute arbitrary code via the upgrade.php file in the languages place...
Lepton CMS 7.0.0 Remote Code Execution Vulnerability
Exploit Title: LeptonCMS Version : 7.0.0 Remote Code Execution Exploit Author: tmrswrr Category: Webapps Vendor Homepage: https://www.lepton-cms.com/ Version : 7.0.0 Tested on: https://www.softaculous.com/apps/cms/LEPTON 1 Login with admin cred https://127.0.0.1/LEPTON/backend/login/index.php 2 G...
CVE-2020-24872
Cross Site Scripting XSS vulnerability in backend/pages/modify.php in Lepton-CMS version 4.7.0, allows remote attackers to execute arbitrary code...
CVE-2020-24872
Cross Site Scripting XSS vulnerability in backend/pages/modify.php in Lepton-CMS version 4.7.0, allows remote attackers to execute arbitrary code...
Cross site scripting
Cross Site Scripting XSS vulnerability in backend/pages/modify.php in Lepton-CMS version 4.7.0, allows remote attackers to execute arbitrary code...
CVE-2020-24872
CVE-2020-24872 is a cross-site scripting vulnerability in Lepton-CMS 4.7.0, stemming from lack of proper filtering/escaping in backend/pages/modify.php. The issue allows remote attackers to inject and execute arbitrary web scripts or HTML when a user views or submits crafted data, with the CVSS i...
CVE-2020-24872
Cross Site Scripting XSS vulnerability in backend/pages/modify.php in Lepton-CMS version 4.7.0, allows remote attackers to execute arbitrary code...
CVE-2020-24872
Cross Site Scripting XSS vulnerability in backend/pages/modify.php in Lepton-CMS version 4.7.0, allows remote attackers to execute arbitrary code...
CVE-2020-29240
Lepton-CMS 4.7.0 is affected by cross-site scripting XSS. An attacker can inject the XSS payload in the URL field of the admin page and each time an admin visits the Menu-Pages-Pages Overview section, the XSS will be triggered...
CVE-2020-29240
Lepton-CMS 4.7.0 is affected by cross-site scripting XSS. An attacker can inject the XSS payload in the URL field of the admin page and each time an admin visits the Menu-Pages-Pages Overview section, the XSS will be triggered...