Skip to main content
Affected Products
Affected Products
Vendor / product matrix with CVE counts sourced from the CPE catalog.
Vendor
Product
in lightcms_project
Min CVSS
Any
Low (0.1+)
Medium (4.0+)
High (7.0+)
Critical (9.0+)
Sort By
Vendor (A–Z)
Most CVEs
Worst Severity
Most KEV
Apply
Clear
Export CSV
Products
1 vendor
Vendor
Products
CVEs
KEV
Avg EPSS
Worst Severity
lightcms_project
1
3
0
10.3%
CRITICAL
← First page
Next page →
Related CVEs
3
Sort
Newest first
Highest EPSS
Highest CVSS
Severity
CVE ID
Description
Severity
CVSS
KEV
EPSS
Published
CVE-2026-29934
A reflected cross-site scripting (XSS) vulnerability in the /admin/menus component of Lightcms v2.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via modifying the referer value in the request header.
MEDIUM
6.1
—
10.3%
Mar 26, 2026
CVE-2024-22559
LightCMS v2.0 is vulnerable to Cross Site Scripting (XSS) in the Content Management - Articles field.
MEDIUM
5.4
—
—
Jan 29, 2024
CVE-2023-27060
LightCMS v1.3.7 was discovered to contain a remote code execution (RCE) vulnerability via the image:make function.
CRITICAL
9.8
—
—
Mar 22, 2023