27 matches found
📄 Soosyze CMS 2.0 Rate Limit Scanner
Soosyze CMS 2.0 suffers from a missing authentication rate-limiting vulnerability (CWE-307) on the /user/login endpoint. The application allows unlimited failed login attempts without triggering protections such as rate limiting, account lockout, or CAPTCHA. The provided automatic detection script...
📄 Soosyze CMS 2.0 Brute Forcer
Soosyze CMS version 2.0 authentication brute forcing tool that leverages an absence of rate limiting on the /user/login endpoint. Title: Soosyze CMS 2.0...
CVE-2023-53871
Soosyze 2.0.0 contains a file upload vulnerability that allows attackers to upload arbitrary HTML files with embedded PHP code to the application. Attackers can exploit the broken file upload mechanism to potentially view sensitive file paths and execute malicious PHP scripts on the server...
Arbitrary File Upload
Overview: soosyze/soosyze (Soosyze CMS) is a minimalist content management system in PHP, without a database, for creating and managing your website easily. Affected versions of this package are vulnerable to Arbitrary File Upload via the upload endpoint. An attacker can execute arbitrary PHP code and...
CVE-2023-53871
Soosyze 2.0.0 contains a file upload vulnerability that allows attackers to upload arbitrary HTML files with embedded PHP code to the application. Attackers can exploit the broken file upload mechanism to potentially view sensitive file paths and execute malicious PHP scripts on the server...
CVE-2023-53871
Soosyze 2.0.0 contains a file upload vulnerability that allows attackers to upload arbitrary HTML files with embedded PHP code to the application. Attackers can exploit the broken file upload mechanism to potentially view sensitive file paths and execute malicious PHP scripts on the server...
CVE-2023-53871 Soosyze 2.0.0 Unrestricted File Upload via Broken Upload Logic
Soosyze 2.0.0 contains a file upload vulnerability that allows attackers to upload arbitrary HTML files with embedded PHP code to the application. Attackers can exploit the broken file upload mechanism to potentially view sensitive file paths and execute malicious PHP scripts on the server...
CVE-2023-53871 Soosyze 2.0.0 Unrestricted File Upload via Broken Upload Logic
Soosyze 2.0.0 contains a file upload vulnerability that allows attackers to upload arbitrary HTML files with embedded PHP code to the application. Attackers can exploit the broken file upload mechanism to potentially view sensitive file paths and execute malicious PHP scripts on the server...
CVE-2023-53871
CVE-2023-53871 pertains to Soosyze 2.0.0 and describes an unrestricted file upload vulnerability due to a broken upload mechanism. The affected software is the Soosyze CMS (PHP) version 2.0.0, with the vulnerability allowing an attacker to upload arbitrary HTML files containing embedded PHP code....
soosyze code issue vulnerability
soosyze is an open-source content management system from Soosyze. A code issue vulnerability exists in version 2.0.0 of soosyze, which stems from a flaw in the file upload mechanism that could lead to the upload of arbitrary HTML files and execution of malicious PHP scripts...
Brute-force Attack
soosyze/soosyze is vulnerable to Brute-force Attack. The vulnerability is due to missing rate-limiting and account lockout mechanisms on the /user/login endpoint, which allows an attacker to repeatedly attempt logins and potentially gain unauthorized administrative access...
soosyze brute force login vulnerability
soosyze is an open-source content management system from Soosyze. soosyze has a brute-force vulnerability that stems from the /user/login endpoint's lack of rate limiting and a locking mechanism; an attacker can use this vulnerability to carry out a brute-force attack...
📄 Soosyze CMS 2.0 Missing Rate Limiting
Soosyze CMS version 2.0 suffers from missing rate limiting that allows for brute force login attacks. Exploit Title: Soosyze CMS 2.0 - Brute Force Login; Google Dork: N/A; Date: 2025-08-13; Exploit Author: Beatriz Fresno Naumova (beafn28); Vendor Homepage: https://soosyze.com/; Software Link:...
Soosyze CMS 2.0 - Brute Force Login
Exploit Title: Soosyze CMS 2.0 - Brute Force Login; Google Dork: N/A; Date: 2025-08-13; Exploit Author: Beatriz Fresno Naumova (beafn28); Vendor Homepage: https://soosyze.com/; Software Link: https://github.com/soosyze/soosyze; Version: 2.0 (tested); Tested on: macOS Sonoma 14.x (Apple Silicon M1), /bin/bash...
CVE-2025-52392
Soosyze CMS 2.0 allows brute-force login attacks via the /user/login endpoint due to missing rate-limiting and lockout mechanisms. An attacker can repeatedly submit login attempts without restrictions, potentially gaining unauthorized administrative access. This vulnerability corresponds to...
Brute Force
Overview: soosyze/soosyze (Soosyze CMS) is a minimalist content management system in PHP, without a database, for creating and managing your website easily. Affected versions of this package are vulnerable to Brute Force via the user/login endpoint due to the absence of rate-limiting and lockout...
GHSA-VQ9X-W82R-RHMC Soosyze CMS's /user/login endpoint missing rate-limiting and lockout mechanisms
Soosyze CMS 2.0 allows brute-force login attacks via the /user/login endpoint due to missing rate-limiting and lockout mechanisms. An attacker can repeatedly submit login attempts without restrictions, potentially gaining unauthorized administrative access. This vulnerability corresponds to...
Soosyze CMS's /user/login endpoint missing rate-limiting and lockout mechanisms
Soosyze CMS 2.0 allows brute-force login attacks via the /user/login endpoint due to missing rate-limiting and lockout mechanisms. An attacker can repeatedly submit login attempts without restrictions, potentially gaining unauthorized administrative access. This vulnerability corresponds to...
CVE-2025-52392
Soosyze CMS 2.0 allows brute-force login attacks via the /user/login endpoint due to missing rate-limiting and lockout mechanisms. An attacker can repeatedly submit login attempts without restrictions, potentially gaining unauthorized administrative access. This vulnerability corresponds to...
CVE-2025-52392
Soosyze CMS 2.0 allows brute-force login attacks via the /user/login endpoint due to missing rate-limiting and lockout mechanisms. An attacker can repeatedly submit login attempts without restrictions, potentially gaining unauthorized administrative access. This vulnerability corresponds to...