# Exploit Title:  LEPTON 7.4.0 Remote Code Execution (RCE) 
# Exploit Author: tmrswrr /Hulya KARABAG
# Vendor Homepage: https://lepton-cms.org/
# Software Link: https://lepton-cms.org/media/download_gallery/LEPTON_stable_7.4.0.zip
# Version : LEPTON 7.4.0 stable
# Date: October 29, 2025  


## Vulnerability Description

LEPTON CMS version 7.4.0 contains a remote code execution vulnerability that allows authenticated administrators to execute arbitrary system commands through the Droplets functionality. This vulnerability arises from improper input validation and execution control within the Droplets feature.

## Proof of Concept

### Prerequisites
- Valid administrator credentials
- Access to the LEPTON CMS administrative interface

### Exploitation Steps

1. Authentication
   - Log into the LEPTON CMS administration panel with administrator privileges

2. Access Droplets Management
   - Navigate to: Menu > Administration > Admin-Tools
   - Select the "Droplets" option

3. Create Malicious Droplet
   - Click "Create New"
   - Enter a droplet name (e.g., `malicious-droplet`)
   - In the code field, insert the payload:
   
      
     echo system('id');
      
   - Click "Save and Back" to store the droplet

4. Trigger Execution
   - Edit or create any page within the CMS
   - In the content editor, insert the droplet using the syntax:
     
     [[malicious-droplet]]
     
   - Save the page modifications

5. Verify Exploitation
   - Preview or visit the modified page
   - The system command output will be displayed, confirming successful code execution