Skip to main content
CVE-2021-27112 CRITICAL POC Act Now

LightCMS v1.3.5 contains a remote code execution vulnerability in /app/Http/Controllers/Admin/NEditorController.php during the downloading of external images. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP Lightcms
NVD GitHub
CVSS 3.1
9.8
EPSS
2.4%
CVE-2021-27850 CRITICAL POC PATCH THREAT Act Now

A critical unauthenticated remote code execution vulnerability was found all recent versions of Apache Tapestry. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Apache Information Disclosure Java Tapestry
NVD
CVSS 3.1
9.8
EPSS
94.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy