lepton vulnerabilities and exploits
7.5
CVSSv2
CVE-2012-0999
SQL injection vulnerability in modules/news/rss.php in LEPTON prior to 1.1.4 allows remote malicious users to execute arbitrary SQL commands via the group_id parameter.
Lepton-cms Lepton 1.1.1
Lepton-cms Lepton
Lepton-cms Lepton 1.1.2
Lepton-cms Lepton 1.1.0
7.5
CVSSv2
CVE-2012-0998
Directory traversal vulnerability in account/preferences.php in LEPTON prior to 1.1.4 allows remote malicious users to include and execute arbitrary files via a .. (dot dot) in the language parameter.
Lepton-cms Lepton 1.1.2
Lepton-cms Lepton 1.1.0
Lepton-cms Lepton
Lepton-cms Lepton 1.1.1
4.3
CVSSv2
CVE-2012-1000
Multiple cross-site scripting (XSS) vulnerabilities in LEPTON 1.1.3 and other versions prior to 1.1.4 allow remote malicious users to inject arbitrary web script or HTML via the (1) message parameter to admins/login/forgot/index.php, or the (2) display_name or (3) email parameter...
Lepton-cms Lepton 1.1.1
Lepton-cms Lepton
Lepton-cms Lepton 1.1.2
Lepton-cms Lepton 1.1.0
4.3
CVSSv2
CVE-2016-6235
The setup_imginfo_jpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote malicious users to cause a denial of service (segmentation fault) via a crafted jpeg file.
Lepton Project Lepton 1.0
4.3
CVSSv2
CVE-2016-6236
The setup_imginfo_jpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted jpeg file.
Lepton Project Lepton 1.0
4.3
CVSSv2
CVE-2016-6237
The build_huffcodes function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote malicious users to cause denial of service (out-of-bounds write) via a crafted jpeg file.
Lepton Project Lepton 1.0
NA
CVE-2022-4104
A loop with an unreachable exit condition can be triggered by passing a crafted JPEG file to the Lepton image compression tool, resulting in a denial-of-service.
Lepton Project Lepton 1.2
4.3
CVSSv2
CVE-2016-6234
The process_file function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote malicious users to cause a denial of service (crash) via a crafted jpeg file.
Lepton Project Lepton 1.0
4.3
CVSSv2
CVE-2016-6238
The write_ujpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote malicious users to cause denial of service (out-of-bounds read) via a crafted jpeg file.
Lepton Project Lepton 1.0
4.3
CVSSv2
CVE-2020-12707
An XSS vulnerability exists in modules/wysiwyg/save.php of LeptonCMS 4.5.0. This can be exploited because the only security measure used against XSS is the stripping of SCRIPT elements. A malicious actor can use HTML event handlers to run JavaScript instead of using SCRIPT elemen...
Lepton-cms Lepton Cms 4.5.0