Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lepton-cms leptoncms vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-12705
Multiple cross-site scripting (XSS) vulnerabilities exist in LeptonCMS prior to 4.6.0.
Lepton-cms Leptoncms
NA
CVE-2024-24399
An arbitrary file upload vulnerability in LEPTON v7.0.0 allows authenticated malicious users to execute arbitrary PHP code by uploading this code to the backend/languages/index.php languages area.
Lepton-cms Leptoncms 7.0.0
NA
CVE-2020-24872
Cross Site Scripting (XSS) vulnerability in backend/pages/modify.php in Lepton-CMS version 4.7.0, allows remote malicious users to execute arbitrary code.
Lepton-cms Leptoncms 4.7.0
3.5
CVSSv2
CVE-2020-29240
Lepton-CMS 4.7.0 is affected by cross-site scripting (XSS). An attacker can inject the XSS payload in the URL field of the admin page and each time an admin visits the Menu-Pages-Pages Overview section, the XSS will be triggered.
Lepton-cms Leptoncms 4.7.0
4.3
CVSSv2
CVE-2020-12707
An XSS vulnerability exists in modules/wysiwyg/save.php of LeptonCMS 4.5.0. This can be exploited because the only security measure used against XSS is the stripping of SCRIPT elements. A malicious actor can use HTML event handlers to run JavaScript instead of using SCRIPT elemen...
Lepton-cms Lepton Cms 4.5.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started