Kayi626/Vulns

Releases0

A Repo for storing discovered vulnerabilities

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-56704 ↗	Dec 9, 2025Tuesday, 9 December 2025, 17:15	8.8 HIGH	—
LeptonCMS version 7.3.0 contains an arbitrary file upload vulnerability, which is caused by the lack of proper validation for uploaded files. An authenticated attacker can exploit this vulnerability by uploading a specially crafted ZIP/PHP file to execute arbitrary code.