lightcms_project lightcms CVE 漏洞(6)

CVE 数: 6 CPE versions: View versions table

摘要

本页列出影响 lightcms_project lightcms 的已公开 CVE 漏洞(通过 NVD CPE 关联)。每行包含严重程度评分、摘要与发布日期,便于识别与分析安全问题。

显示 166 CVE 数
«« 第一页 « 上一页 第 1 / 1 页 下一页 »
CVE 摘要 来源 最高 CVSS EPSS % 公开时间 更新时间
CVE-2026-29934 A reflected cross-site scripting (XSS) vulnerability in the /admin/menus component of Lightcms v2.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via modifying the referer value in the request header. [email protected] 6.1 0.20% 2026-03-26 2026-06-17
CVE-2024-22559 LightCMS v2.0 is vulnerable to Cross Site Scripting (XSS) in the Content Management - Articles field. [email protected] 5.4 0.33% 2024-01-29 2026-06-17
CVE-2023-27060 LightCMS v1.3.7 was discovered to contain a remote code execution (RCE) vulnerability via the image:make function. [email protected] 9.8 1.30% 2023-03-22 2026-06-17
CVE-2022-33009 A stored cross-site scripting (XSS) vulnerability in LightCMS v1.3.11 allows attackers to execute arbitrary web scripts or HTML via uploading a crafted PDF file. [email protected] 4.8 0.56% 2022-06-27 2026-07-04
CVE-2021-27112 LightCMS v1.3.5 contains a remote code execution vulnerability in /app/Http/Controllers/Admin/NEditorController.php during the downloading of external images. [email protected] 9.8 2.42% 2021-04-15 2026-06-16
CVE-2021-3355 A stored-self XSS exists in LightCMS v1.3.4, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/SensitiveWords. [email protected] 5.4 7.25% 2021-02-24 2026-06-17
«« 第一页 « 上一页 第 1 / 1 页 下一页 »
cvelogic Threat Intelligence