CNNVD-202512-1254 Information

CNNVD ID

CNNVD-202512-1254

Related CVE

CVE-2025-56704

• CNNVD Published: 2025-12-09

Description (Chinese)

LeptonCMS是Lepton项目的一套内容管理系统（CMS）。 LeptonCMS 7.3.0版本存在安全漏洞，该漏洞源于文件验证不足，可能导致执行任意代码。

Description (English)

LeptonCMS is a content management system (CMS) for the Lepton project. There is a security gap in version 7.3.0 of LeptonCMS, which stems from inadequate document validation and may lead to the implementation of any code.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Lepton

Published

2025-12-09

Last Modified

2026-02-24

References

http://lepton.com https://github.com/Kayi626/Vulns/blob/UserAccount/LEPTON_CMS_7.3.0_File_Upload_A.pdf https://github.com/Kayi626/Vulns/blob/UserAccount/LEPTON_CMS_7.3.0_File_Upload_B.pdf https://github.com/Kayi626/Vulns/blob/UserAccount/LEPTON_CMS_7.3.0_File_Upload_C.pdf

Patch

https://lepton-cms.org/english/home.php