CVE-2023-48202

Cross-Site Scripting XSS vulnerability in Sunlight CMS 8.0.1 allows an authenticated low-privileged user to escalate privileges via a crafted SVG file in the File Manager component...

CVE-2023-48202

Cross-Site Scripting XSS vulnerability in Sunlight CMS 8.0.1 allows an authenticated low-privileged user to escalate privileges via a crafted SVG file in the File Manager component...

CVE-2023-48201

Cross Site Scripting XSS vulnerability in Sunlight CMS v.8.0.1, allows remote authenticated attackers to execute arbitrary code and escalate privileges via a crafted script to the Content text editor component...

CVE-2023-48201

Cross Site Scripting XSS vulnerability in Sunlight CMS v.8.0.1, allows remote authenticated attackers to execute arbitrary code and escalate privileges via a crafted script to the Content text editor component...

CVE-2023-48202

Cross-Site Scripting XSS vulnerability in Sunlight CMS 8.0.1 allows an authenticated low-privileged user to escalate privileges via a crafted SVG file in the File Manager component...

Cross site scripting

Cross-Site Scripting XSS vulnerability in Sunlight CMS 8.0.1 allows an authenticated low-privileged user to escalate privileges via a crafted SVG file in the File Manager component...

Cross site scripting

Cross Site Scripting XSS vulnerability in Sunlight CMS v.8.0.1, allows remote authenticated attackers to execute arbitrary code and escalate privileges via a crafted script to the Content text editor component...

CVE-2023-48201

Cross Site Scripting XSS vulnerability in Sunlight CMS v.8.0.1, allows remote authenticated attackers to execute arbitrary code and escalate privileges via a crafted script to the Content text editor component...

Sunlight CMS Security Vulnerability

Sunlight CMS is a content management system from Sunlight CMS open source. A security vulnerability exists in Sunlight CMS version 8.0.1. An attacker exploited the vulnerability to escalate privileges via a specially crafted SVG file in the File Manager component...

CVE-2023-48202

Cross-Site Scripting XSS vulnerability in Sunlight CMS 8.0.1 allows an authenticated low-privileged user to escalate privileges via a crafted SVG file in the File Manager component...

CVE-2023-48202

CVE-2023-48202 affects Sunlight CMS 8.0.1. An authenticated low-privileged user can escalate privileges via a crafted SVG file in the File Manager component, exploiting an XSS flaw. The vulnerability is documented across multiple feeds (NVD, Red Hat, OSV, CNNVD, etc.). Remediation guidance observ...

CVE-2023-48201

Sunlight CMS 8.0.1 is affected by a Cross Site Scripting (XSS) vulnerability in the Content text editor component. A remote authenticated attacker can craft a script that, when processed by the editor, may lead to arbitrary code execution and privilege escalation. The available sources consistent...

CVE-2023-48202

Cross-Site Scripting XSS vulnerability in Sunlight CMS 8.0.1 allows an authenticated low-privileged user to escalate privileges via a crafted SVG file in the File Manager component...

Sunlight CMS Security Vulnerability

Sunlight CMS is a content management system from Sunlight CMS open source. A security vulnerability exists in Sunlight CMS version v.8.0.1. A remote attacker can exploit the vulnerability to execute arbitrary code and escalate privileges via a specially crafted script...

PT-2023-30727 · Unknown · Sunlight Cms

Name of the Vulnerable Software and Affected Versions: Sunlight CMS version 8.0.1 Description: The issue allows remote authenticated attackers to execute arbitrary code and escalate privileges via a crafted script to the Content text editor component. This is a Cross Site Scripting XSS...

PT-2023-30728 · Unknown · Sunlight Cms

Name of the Vulnerable Software and Affected Versions: Sunlight CMS version 8.0.1 Description: A Cross-Site Scripting XSS issue allows an authenticated low-privileged user to escalate privileges via a crafted SVG file in the File Manager component. Recommendations: For Sunlight CMS version 8.0.1,...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in SunLight CMS 5.3 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to 1 connect.php or 2 modules/startup.php...

CVE-2007-2774

Multiple PHP remote file inclusion vulnerabilities in SunLight CMS 5.3 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to 1 connect.php or 2 modules/startup.php...

CVE-2007-2774

Multiple PHP remote file inclusion vulnerabilities in SunLight CMS 5.3 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to 1 connect.php or 2 modules/startup.php...

CVE-2007-2774

Multiple PHP remote file inclusion vulnerabilities in SunLight CMS 5.3 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to 1 connect.php or 2 modules/startup.php...