Gml-Sec

#13818 of 53,624
19.6 Total CVSS
Vulnerabilities · 2
Critical · 2
PT-2023-20922 · CVSS 9.8 · 2023-03-22
Lightcms · Lightcms · CVE-2023-27060

**Name of the Vulnerable Software and Affected Versions**
LightCMS version 1.3.7

**Description**
The issue is related to a remote code execution (RCE) vulnerability. It is specifically exploitable via the `image:make` function.

**Recommendations**
For LightCMS version 1.3.7, as a temporary workaround, consider disabling the `image:make` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

PT-2021-17249 · CVSS 9.8 · 2021-04-15
Lightcms · Lightcms · CVE-2021-27112

**Name of the Vulnerable Software and Affected Versions**
LightCMS version 1.3.5

**Description**
The issue concerns a remote code execution vulnerability. It occurs in the `/app/Http/Controllers/Admin/NEditorController.php` file during the process of downloading external images.

**Recommendations**
For LightCMS version 1.3.5, consider disabling the image download functionality in the NEditorController until a patch is available. Restrict access to the `/app/Http/Controllers/Admin/NEditorController.php` file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.