CVE-2024-24399

HIGH

Lepton CMS 7.0.0 - Authenticated Arbitrary File Upload via Backend Languages Index

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-24399. PoCs published by tmrswrr.

AI-analyzed exploit summary: This exploit demonstrates an authenticated RCE in LeptonCMS 7.0.0 by uploading a malicious PHP file via the Languages module. The PoC uses a simple system command injection to execute 'id' and verify code execution.

Description

An arbitrary file upload vulnerability in LEPTON v7.0.0 allows authenticated attackers to execute arbitrary PHP code by uploading it through the languages area at backend/languages/index.php.

Exploits (1)

exploitdb WORKING POC
by tmrswrr · text · webapps · php
https://www.exploit-db.com/exploits/51949

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: LeptonCMS 7.0.0
Auth required
Prerequisites: Admin credentials · Access to the Languages module
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 7.2
EPSS 0.0305
EPSS Percentile 87.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE CWE-434
Status published
Products (1)
lepton-cms/leptoncms 7.0.0
Published Jan 25, 2024
Tracked Since Feb 18, 2026