VYPR

lecms

by dazhouda

CVEs (5)

  • CVE-2025-3997MedApr 28, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability classified as problematic has been found in dazhouda lecms 3.0.3. This affects an unknown part of the file /index.php?my-profile-ajax-1 of the component Personal Information Page. The manipulation leads to cross-site request forgery. It is possible to initiate…

  • CVE-2025-3979MedApr 27, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability classified as problematic has been found in dazhouda lecms 3.0.3. This affects an unknown part of the file /index.php?my-password-ajax-1 of the component Password Change Handler. The manipulation leads to cross-site request forgery. It is possible to initiate the…

  • CVE-2025-3978MedApr 27, 2025
    risk 0.28cvss 4.3epss 0.00

    A vulnerability was found in dazhouda lecms 3.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file admin/view/default/user_set.htm. The manipulation leads to information disclosure. The attack may be launched remotely. The…

  • CVE-2025-3806LowApr 19, 2025
    risk 0.16cvss 2.4epss 0.00

    A vulnerability, which was classified as problematic, has been found in dazhouda lecms up to 3.0.3. Affected by this issue is some unknown functionality of the file /admin of the component Edit Profile Handler. The manipulation leads to cross site scripting. The attack may be…

  • CVE-2008-2833Jun 24, 2008
    risk 0.03cvss epss 0.04

    admin/upload.php in le.cms 1.4 and earlier allows remote attackers to bypass administrative authentication, and upload and execute arbitrary files in images/, via a nonzero value for the submit0 parameter in conjunction with filenames in the filename and upload parameters.