RSS   Vulnerabilities for 'Lightcms'   RSS

2021-04-15
 
CVE-2021-27112

NVD-CWE-noinfo
 

 
LightCMS v1.3.5 contains a remote code execution vulnerability in /app/Http/Controllers/Admin/NEditorController.php during the downloading of external images.

 
2021-02-24
 
CVE-2021-3355

CWE-79
 

 
A stored-self XSS exists in LightCMS v1.3.4, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/SensitiveWords.

 


Copyright 2024, cxsecurity.com

 

Back to Top