Soosyze CMS 2.0 Rate Limit Scanner
Soosyze CMS 2.0 suffers from a missing authentication rate-limiting vulnerability (CWE-307) on the /user/login endpoint. The application allows unlimited failed login attempts without triggering protections such as rate limiting, account lockout, or CAPTCHA. The provided automatic detection script...
Soosyze brute force login vulnerability
Soosyze is Soosyze's open source content management system. Soosyze has a brute force vulnerability that stems from the /user/login endpoint's lack of rate limiting and a locking mechanism; an attacker can use this vulnerability to cause brute force attack...
Brute Force
Overview: soosyze/soosyze (Soosyze CMS) is a minimalist content management system in PHP, without a database, to create and manage your website easily. Affected versions of this package are vulnerable to Brute Force via the user/login endpoint due to the absence of rate-limiting and lockout...
CVE-2025-52392
Soosyze CMS 2.0 allows brute-force login attacks via the /user/login endpoint due to missing rate-limiting and lockout mechanisms. An attacker can repeatedly submit login attempts without restrictions, potentially gaining unauthorized administrative access. This vulnerability corresponds to...