SQL injection vulnerability in modules/news/rss.php in LEPTON prior to 1.1.4 allows remote malicious users to execute arbitrary SQL commands via the group_id parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lepton-cms lepton 1.1.1 |
||
lepton-cms lepton |
||
lepton-cms lepton 1.1.2 |
||
lepton-cms lepton 1.1.0 |