📦 Leptoncms

LeptonCMS 7.3.0 contains an arbitrary file upload vulnerability due to insufficient file validation. Authenticated attackers can upload malicious ZIP/PHP files to achieve remote code execution. This a...

This vulnerability allows authenticated remote attackers to upload malicious PHP files to lepton v7.1.0, potentially leading to remote code execution. Any system running the vulnerable version of lept...

CVE-2024-24520 is a code injection vulnerability in Lepton CMS v7.0.0 that allows local attackers to execute arbitrary code via the upgrade.php file in the languages directory. This affects all instal...

CVE-2024-24399 is an arbitrary file upload vulnerability in LEPTON CMS v7.0.0 that allows authenticated attackers to upload PHP files to the languages directory, leading to remote code execution. This...