Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lepton vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2011-3385
Cross-site scripting (XSS) vulnerability in WebsiteBaker prior to 2.8, as used in LEPTON and possibly other products, allows remote malicious users to inject arbitrary web script or HTML via unknown vectors, a different vulnerability than CVE-2006-2307.
Websitebaker2 Websitebaker 2.6.7
Lepton-cms Lepton
Websitebaker2 Websitebaker
4.3
CVSSv2
CVE-2018-12108
An issue exists in Dropbox Lepton 1.2.1. The validateAndCompress function in validation.cc allows remote malicious users to cause a denial of service (SIGFPE and application crash) via a malformed file.
Dropbox Lepton 1.2.1
4.3
CVSSv2
CVE-2017-7448
The allocate_channel_framebuffer function in uncompressed_components.hh in Dropbox Lepton 1.2.1 allows remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a malformed JPEG image.
Dropbox Lepton 1.2.1
6.8
CVSSv2
CVE-2018-20819
io/ZlibCompression.cc in the decompression component in Dropbox Lepton 1.2.1 allows malicious users to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact by crafting a jpg image file. The root cause is a missing ...
Dropbox Lepton 1.2.1
6.8
CVSSv2
CVE-2022-26181
Dropbox Lepton v1.2.1-185-g2a08b77 exists to contain a heap-buffer-overflow in the function aligned_dealloc():src/lepton/bitops.cc:108.
Dropbox Lepton 1.2.1
4.3
CVSSv2
CVE-2018-20820
read_ujpg in jpgcoder.cc in Dropbox Lepton 1.2.1 allows malicious users to cause a denial-of-service (application runtime crash because of an integer overflow) via a crafted file.
Dropbox Lepton 1.2.1
4.3
CVSSv2
CVE-2020-12705
Multiple cross-site scripting (XSS) vulnerabilities exist in LeptonCMS prior to 4.6.0.
Lepton-cms Leptoncms
4.3
CVSSv2
CVE-2017-8891
Dropbox Lepton 1.2.1 allows DoS (SEGV and application crash) via a malformed lepton file because the code does not ensure setup of a correct number of threads.
Dropbox Lepton 1.2.1
3.5
CVSSv2
CVE-2020-29240
Lepton-CMS 4.7.0 is affected by cross-site scripting (XSS). An attacker can inject the XSS payload in the URL field of the admin page and each time an admin visits the Menu-Pages-Pages Overview section, the XSS will be triggered.
Lepton-cms Leptoncms 4.7.0
NA
CVE-2020-24872
Cross Site Scripting (XSS) vulnerability in backend/pages/modify.php in Lepton-CMS version 4.7.0, allows remote malicious users to execute arbitrary code.
Lepton-cms Leptoncms 4.7.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »