cms
cms copied to clipboard
LavaLite
Multilingual PHP CMS built with Laravel and bootstrap
Admin login @ https://demo.lavalite.org/admin/login not work. `These credentials do not match our records.`
When I go to 127.0.0.1:8000/blog I get the following error after following the documentation on install: `Too few arguments to function Litecms\Blog\Http\Controllers\BlogPublicController::show(), 1 passed in /Users/melaniecarr/WebDevelopment/thehigheryougo/vendor/laravel/framework/src/Illuminate/Routing/Controller.php on line 54 and...
https://huntr.dev/bounties/ec94e1f7-203b-4408-b322-1f24e9a0f8a1/ https://huntr.dev/bounties/336a85d7-072e-40b7-b4fb-805e837b99d5/ https://huntr.dev/bounties/1127b993-a319-4ac0-ba25-78d0961d4946/ please verify the issues.
Version: v8.1.2 Please/consider remove the Password field and its value in the Users setting to avoid future issues. 
PoC 1: Affected endpoint: `POST http://localhost/website/public/admin/blog/blog/rA0kxlke49` Field: `Title` Parameter: `title` PoC 2: Affected endpoint: `POST http://localhost/website/public/admin/blog/tag/rA0kxlke49` Field: `Name` Parameter: `name` This issue is also reported via huntr.dev https://huntr.dev/bounties/50b2575f-01a2-4202-8d31-aa7f3164fdfb/
**Describe the bug** An authenticated malicious user can take advantage of a Stored XSS vulnerability in the "Contact" feature. **To Reproduce** Steps to reproduce the behavior: 1. Log into the...
**Describe the bug** An authenticated malicious user can take advantage of a Stored XSS vulnerability in the "Roles & Permissions" feature. **To Reproduce** Steps to reproduce the behavior: 1. Log...
There seems to be a bug in the [Demo](https://demo.lavalite.org/contact.htm).
I have just installed Lavalite CMS and when I first tired to log in as the admin user I get the following Exception:- ErrorException Trying to get property 'has_role' of...
