Directory traversal vulnerability in account/preferences.php in LEPTON prior to 1.1.4 allows remote malicious users to include and execute arbitrary files via a .. (dot dot) in the language parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lepton-cms lepton 1.1.2 |
||
lepton-cms lepton 1.1.0 |
||
lepton-cms lepton |
||
lepton-cms lepton 1.1.1 |