Lucene search
K

11 matches found

Cvelist
Cvelist
added 2026/06/01 4:9 p.m.31 views

CVE-2026-45701 Sulu: Weak Cryptographical usage for API Key generation and Reset Tokens

Sulu is an open-source PHP content management system based on the Symfony framework. Prior to versions 2.6.23 and 3.0.6, the password reset tokenand API key generation uses a weak cryptographical hash algorithm. This issue has been patched in versions 2.6.23 and 3.0.6...

6.9CVSS0.00193EPSS
Exploits0References3
NVD
NVD
added 2026/03/31 9:16 p.m.9 views

CVE-2026-34372

Sulu is an open-source PHP content management system based on the Symfony framework. From versions 1.0.0 to before 2.6.22, and 3.0.0 to before 3.0.5, a user which has permission for the Sulu Admin via at least one role could have access to the sub-entities of contacts via the admin API without ev...

5.3CVSS0.00258EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.9 views

EUVD-2021-2479

Malware in sbrugna...

7.2CVSS6.9AI score0.01134EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-2208

Malware in sbrugna...

6.2CVSS5.7AI score0.00572EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-0641

Malicious code in bioql PyPI...

4.8CVSS5AI score0.00518EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/05/23 9:38 a.m.9 views

CVE-2024-24807

Sulu is a highly extensible open-source PHP content management system based on the Symfony framework. There is an issue when inputting HTML into the Tag name. The HTML is executed when the tag name is listed in the auto complete form. Only admin users can create tags so they are the only ones...

4.8CVSS6.7AI score0.00518EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:59 a.m.5 views

CVE-2024-47618

Sulu is a PHP content management system. Sulu is vulnerable against XSS whereas a low privileged user with access to the “Media” section can upload an SVG file with a malicious payload. Once uploaded and accessed, the malicious javascript will be executed on the victims’ other users including...

5.4CVSS6.1AI score0.00362EPSS
Exploits0References1
Snyk
Snyk
added 2024/10/03 6:25 p.m.3 views

Cross-site Scripting (XSS)

Overview sulu/sulu is a highly extensible open-source PHP content management system based on the Symfony framework. Affected versions of this package are vulnerable to Cross-site Scripting XSS via uploaded SVG files. An attacker can execute arbitrary JavaScript code on the victim's browser by...

6.1CVSS5.6AI score0.00362EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/03 12:0 a.m.5 views

Sulu 跨站脚本漏洞

Sulu is a Symfony framework on an extensible, PHP-based open source content management system from Sulu, Austria. A cross-site scripting vulnerability exists in Sulu. An attacker can exploit this vulnerability to inject arbitrary HTML/JavaScript code...

6.1CVSS6.2AI score0.00331EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2021/07/13 12:0 a.m.6 views

The vulnerability of the Sulu content management system, related to the lack of measures taken to protect the website structure, allows attackers to perform cross-site scripting attacks.

The vulnerability of the Sulu content management system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a remote attacker to perform cross-site scripting attacks...

8.4CVSS5.4AI score0.00665EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2021/07/02 12:0 a.m.6 views

SULU Sulu 跨站脚本漏洞

SULU Sulu is an extensible, PHP-based open source content management system on Symfony framework from Sulu SULU Austria. A cross-site scripting vulnerability exists in Sulu, which stems from a collection title that does not securely validate user input, and allows an attacker to enter a malicious...

8.4CVSS5.8AI score0.00665EPSS
Exploits0References3
Rows per page
Query Builder