eddy8/LightCMS

eddy8/LightCMS

Releases20

Frequency3 months 4 weeks

Last Release 3 months ago

Stars356

LightCMS 是一个基于 Laravel 开发的轻量级 CMS 系统，也可以作为一个通用的后台管理框架使用。A lightweight cms/admin framework powered by Laravel.

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2026-29934 ↗	Mar 26, 2026Thursday, 26 March 2026, 15:16	6.1 MEDIUM	—
A reflected cross-site scripting (XSS) vulnerability in the /admin/menus component of Lightcms v2.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via modifying the referer value in the request header.
CVE-2024-22559 ↗	Jan 29, 2024Monday, 29 January 2024, 14:15	5.4 MEDIUM	—
LightCMS v2.0 is vulnerable to Cross Site Scripting (XSS) in the Content Management - Articles field.
CVE-2023-27060 ↗	Mar 22, 2023Wednesday, 22 March 2023, 22:15	9.8 CRITICAL	—
LightCMS v1.3.7 was discovered to contain a remote code execution (RCE) vulnerability via the image:make function.
CVE-2022-33009 ↗	Jun 27, 2022Monday, 27 June 2022, 23:15	4.8 MEDIUM	3.5 LOW
A stored cross-site scripting (XSS) vulnerability in LightCMS v1.3.11 allows attackers to execute arbitrary web scripts or HTML via uploading a crafted PDF file.