We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
Assigner | mitre |
Reserved | 2024-01-25 |
Published | 2024-01-25 |
Updated | 2024-10-18 |
An arbitrary file upload vulnerability in LEPTON v7.0.0 allows authenticated attackers to execute arbitrary PHP code by uploading this code to the backend/languages/index.php languages area.
https://github.com/capture0x/leptoncms/blob/main/README.md
https://packetstormsecurity.com/files/176647/Lepton-CMS-7.0.0-Remote-Code-Execution.html
https://github.com/capture0x/leptoncms
https://www.exploit-db.com/exploits/51949