CVE-2020-12705

Multiple cross-site scripting XSS vulnerabilities exist in LeptonCMS before 4.6.0...

CVE-2020-12707

An XSS vulnerability exists in modules/wysiwyg/save.php of LeptonCMS 4.5.0. This can be exploited because the only security measure used against XSS is the stripping of SCRIPT elements. A malicious actor can use HTML event handlers to run JavaScript instead of using SCRIPT elements...

CVE-2025-56704

LeptonCMS version 7.3.0 contains an arbitrary file upload vulnerability, which is caused by the lack of proper validation for uploaded files. An authenticated attacker can exploit this vulnerability by uploading a specially crafted ZIP/PHP file to execute arbitrary code...

EUVD-2025-202289

LeptonCMS version 7.3.0 contains an arbitrary file upload vulnerability, which is caused by the lack of proper validation for uploaded files. An authenticated attacker can exploit this vulnerability by uploading a specially crafted ZIP/PHP file to execute arbitrary code...

CVE-2025-56704

LeptonCMS version 7.3.0 contains an arbitrary file upload vulnerability, which is caused by the lack of proper validation for uploaded files. An authenticated attacker can exploit this vulnerability by uploading a specially crafted ZIP/PHP file to execute arbitrary code...

CVE-2025-56704

LeptonCMS version 7.3.0 contains an arbitrary file upload vulnerability, which is caused by the lack of proper validation for uploaded files. An authenticated attacker can exploit this vulnerability by uploading a specially crafted ZIP/PHP file to execute arbitrary code...

PT-2025-50106

Name of the Vulnerable Software and Affected Versions LeptonCMS version 7.3.0 Description LeptonCMS version 7.3.0 is affected by an arbitrary file upload issue due to insufficient validation of uploaded files. An authenticated attacker can exploit this by uploading a specially crafted ZIP/PHP fil...

LeptonCMS 安全漏洞

LeptonCMS is a content management system CMS from the Lepton Project. A security vulnerability exists in LeptonCMS version 7.3.0 that stems from insufficient file validation and could lead to the execution of arbitrary code...

CVE-2025-56704

LeptonCMS version 7.3.0 contains an arbitrary file upload vulnerability, which is caused by the lack of proper validation for uploaded files. An authenticated attacker can exploit this vulnerability by uploading a specially crafted ZIP/PHP file to execute arbitrary code...

CVE-2025-56704

LeptonCMS 7.3.0 is affected by an arbitrary file upload vulnerability caused by insufficient validation of uploaded files. An authenticated attacker can upload a crafted ZIP/PHP file to execute arbitrary code. Affected software: LeptonCMS 7.3.0. Root cause: lack of proper validation during file u...

CVE-2025-56704

LeptonCMS version 7.3.0 contains an arbitrary file upload vulnerability, which is caused by the lack of proper validation for uploaded files. An authenticated attacker can exploit this vulnerability by uploading a specially crafted ZIP/PHP file to execute arbitrary code...

EUVD-2020-4993

Malware in sbrugna...

EUVD-2020-4995

Malware in sbrugna...

LeptonCMS 安全漏洞

LeptonCMS is a content management system CMS from the Lepton Project. A security vulnerability exists in LeptonCMS version v.7.1.0, which originates from a vulnerability that could allow an authenticated, remote attacker to execute arbitrary code by uploading a crafted PHP file...

LeptonCMS 7.0.0 - Remote Code Execution (RCE) (Authenticated)

Exploit Title: LeptonCMS 7.0.0 - Remote Code Execution RCE Authenticated Date: 2024-1-19 Exploit Author: tmrswrr Category: Webapps Vendor Homepage: https://www.lepton-cms.com/ Version : 7.0.0 1 Login with admin cred https://127.0.0.1/LEPTON/backend/login/index.php 2 Go to Languages place...

LeptonCMS 安全漏洞

LeptonCMS is a content management system CMS from the Lepton Project. A security vulnerability exists in LeptonCMS version v.7.1.0. A remote attacker can exploit this vulnerability to execute arbitrary code by uploading specially crafted PHP files to the save.php and config.php components...

LeptonCMS 安全漏洞

LeptonCMS is a content management system CMS from the Lepton Project. A security vulnerability exists in LeptonCMS version v.7.0.0 that originates from allowing a local attacker to execute arbitrary code via the upload.php file...

LeptonCMS Arbitrary File Upload Vulnerability

LeptonCMS is a content management system CMS for the Lepton Project. An arbitrary file upload vulnerability exists in LeptonCMS version v7.0.0, which stems from the application's lack of effective authentication of uploaded files. An authenticated attacker can exploit this vulnerability to execut...

Privilege escalation

An arbitrary file upload vulnerability in LeptonCMS v7.0.0 allows authenticated attackers to execute arbitrary code via uploading a crafted PHP file...

LeptonCMS 代码问题漏洞

LeptonCMS is a content management system CMS for the Lepton Project. An arbitrary file upload vulnerability exists in LeptonCMS version v7.0.0, which stems from the application's lack of effective authentication of uploaded files. An authenticated attacker can exploit this vulnerability to execut...