Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
lepton vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2011-3385
Cross-site scripting (XSS) vulnerability in WebsiteBaker prior to 2.8, as used in LEPTON and possibly other products, allows remote malicious users to inject arbitrary web script or HTML via unknown vectors, a different vulnerability than CVE-2006-2307.
Websitebaker2 Websitebaker 2.6.7
Lepton-cms Lepton
Websitebaker2 Websitebaker
383
VMScore
CVE-2020-12705
Multiple cross-site scripting (XSS) vulnerabilities exist in LeptonCMS prior to 4.6.0.
Lepton-cms Leptoncms
605
VMScore
CVE-2022-26181
Dropbox Lepton v1.2.1-185-g2a08b77 exists to contain a heap-buffer-overflow in the function aligned_dealloc():src/lepton/bitops.cc:108.
Dropbox Lepton 1.2.1
383
VMScore
CVE-2017-7448
The allocate_channel_framebuffer function in uncompressed_components.hh in Dropbox Lepton 1.2.1 allows remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a malformed JPEG image.
Dropbox Lepton 1.2.1
605
VMScore
CVE-2018-20819
io/ZlibCompression.cc in the decompression component in Dropbox Lepton 1.2.1 allows malicious users to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact by crafting a jpg image file. The root cause is a missing ...
Dropbox Lepton 1.2.1
383
VMScore
CVE-2018-20820
read_ujpg in jpgcoder.cc in Dropbox Lepton 1.2.1 allows malicious users to cause a denial-of-service (application runtime crash because of an integer overflow) via a crafted file.
Dropbox Lepton 1.2.1
383
VMScore
CVE-2017-8891
Dropbox Lepton 1.2.1 allows DoS (SEGV and application crash) via a malformed lepton file because the code does not ensure setup of a correct number of threads.
Dropbox Lepton 1.2.1
384
VMScore
CVE-2018-12108
An issue exists in Dropbox Lepton 1.2.1. The validateAndCompress function in validation.cc allows remote malicious users to cause a denial of service (SIGFPE and application crash) via a malformed file.
Dropbox Lepton 1.2.1
NA
CVE-2020-24872
Cross Site Scripting (XSS) vulnerability in backend/pages/modify.php in Lepton-CMS version 4.7.0, allows remote malicious users to execute arbitrary code.
Lepton-cms Leptoncms 4.7.0
312
VMScore
CVE-2020-29240
Lepton-CMS 4.7.0 is affected by cross-site scripting (XSS). An attacker can inject the XSS payload in the URL field of the admin page and each time an admin visits the Menu-Pages-Pages Overview section, the XSS will be triggered.
Lepton-cms Leptoncms 4.7.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »