CVE-2024-24520

HIGH

Lepton CMS 7.0.0 - Remote Code Execution via Upgrade.php Language Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-24520. PoCs published by tmrswrr.

AI-analyzed exploit summary This exploit demonstrates an authenticated RCE in LeptonCMS 7.0.0 by uploading a malicious PHP file via the Languages module. The PoC uses a simple system command injection to execute 'id' and verify code execution.

Description

An issue in Lepton CMS v.7.0.0 allows a local attacker to execute arbitrary code via the upgrade.php file in the languages place.

Exploits (1)

exploitdb WORKING POC

by tmrswrr · textwebappsphp

https://www.exploit-db.com/exploits/51949

View Code ZIP pw:eip

This exploit demonstrates an authenticated RCE in LeptonCMS 7.0.0 by uploading a malicious PHP file via the Languages module. The PoC uses a simple system command injection to execute 'id' and verify code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: LeptonCMS 7.0.0

Auth required

Prerequisites: Admin credentials · Access to the Languages module

MITRE ATT&CK

T1203 - Exploitation for Client Execution T1505.003 - Web Shell

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5

Core References

Not Applicable

http://lepton.com

Exploit

https://github.com/capture0x/leptoncms

View Exploit ZIP pw:eip

Broken Link

https://github.com/xF9979/LEPTON-CMS

Exploit

https://packetstormsecurity.com/files/176647/Lepton-CMS-7.0.0-Remote-Code-Execution.html

Exploit

https://www.exploit-db.com/exploits/51949

Scores

CVSS v3 7.8

EPSS 0.0018

EPSS Percentile 39.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

CWE

CWE-94

Status published

Products (1)

lepton-cms/leptoncms 7.0.0

Published Mar 21, 2024

Tracked Since Feb 18, 2026