Lepton-cms : Security Vulnerabilities, CVEs, (Code Execution)
File Upload vulnerability in lepton v.7.1.0 allows a remote authenticated attackers to execute arbitrary code via uploading a crafted PHP file to the save.php and config.php component.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-03-25
Updated
2024-03-26
An issue in Lepton CMS v.7.0.0 allows a local attacker to execute arbitrary code via the upgrade.php file in the languages place.
Max CVSS
N/A
EPSS Score
0.04%
Published
2024-02-29
Updated
2024-03-21
An arbitrary file upload vulnerability in LeptonCMS v7.0.0 allows authenticated attackers to execute arbitrary code via uploading a crafted PHP file.
Max CVSS
7.2
EPSS Score
0.06%
Published
2024-01-25
Updated
2024-01-29
Cross Site Scripting (XSS) vulnerability in backend/pages/modify.php in Lepton-CMS version 4.7.0, allows remote attackers to execute arbitrary code.
Max CVSS
6.1
EPSS Score
0.06%
Published
2023-08-11
Updated
2023-08-16
4 vulnerabilities found