Skip to main content

Sulu

10 CVEs product

Monthly

CVE-2024-47618 PHP MEDIUM PATCH This Month

Sulu is a PHP content management system. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

PHP XSS Sulu
NVD GitHub
CVSS 4.0
5.1
EPSS
0.4%
CVE-2024-47617 PHP MEDIUM PATCH This Month

Sulu is a PHP content management system. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

PHP XSS Sulu
NVD GitHub
CVSS 3.1
6.1
EPSS
0.3%
CVE-2024-27915 PHP HIGH PATCH This Week

Sulu is a PHP content management system. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass PHP Sulu
NVD GitHub
CVSS 3.1
8.1
EPSS
0.4%
CVE-2024-24807 PHP MEDIUM PATCH This Month

Sulu is a highly extensible open-source PHP content management system based on the Symfony framework. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Sulu
NVD GitHub
CVSS 3.1
4.8
EPSS
0.5%
CVE-2023-39343 PHP MEDIUM PATCH This Month

Sulu is an open-source PHP content management system based on the Symfony framework. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure PHP Sulu
NVD GitHub
CVSS 3.1
4.3
EPSS
0.5%
CVE-2021-43836 PHP HIGH PATCH This Week

Sulu is an open-source PHP content management system based on the Symfony framework. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

PHP RCE Path Traversal Sulu
NVD GitHub
CVSS 3.1
8.8
EPSS
2.0%
CVE-2021-43835 PHP HIGH PATCH This Week

Sulu is an open-source PHP content management system based on the Symfony framework. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

PHP Privilege Escalation Sulu
NVD GitHub
CVSS 3.1
7.2
EPSS
1.1%
CVE-2021-41169 PHP MEDIUM PATCH This Month

Sulu is an open-source PHP content management system based on the Symfony framework. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

PHP XSS Sulu
NVD GitHub
CVSS 3.1
4.8
EPSS
0.6%
CVE-2021-32737 PHP MEDIUM PATCH This Month

Sulu is an open-source PHP content management system based on the Symfony framework. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Sulu
NVD GitHub
CVSS 3.1
4.8
EPSS
0.7%
CVE-2020-15132 PHP MEDIUM POC PATCH This Month

In Sulu before versions 1.6.35, 2.0.10, and 2.1.1, when the "Forget password" feature on the login screen is used, Sulu asks the user for a username or email address. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Sulu
NVD GitHub
CVSS 3.1
5.3
EPSS
1.1%
EPSS 0% CVSS 5.1
MEDIUM PATCH This Month

Sulu is a PHP content management system. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

PHP XSS Sulu
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Sulu is a PHP content management system. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

PHP XSS Sulu
NVD GitHub
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Sulu is a PHP content management system. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Authorization vulnerability could allow attackers to bypass authorization checks to access restricted resources.

Authentication Bypass PHP Sulu
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM PATCH This Month

Sulu is a highly extensible open-source PHP content management system based on the Symfony framework. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Sulu
NVD GitHub
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Sulu is an open-source PHP content management system based on the Symfony framework. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure PHP Sulu
NVD GitHub
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Sulu is an open-source PHP content management system based on the Symfony framework. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

PHP RCE Path Traversal +1
NVD GitHub
EPSS 1% CVSS 7.2
HIGH PATCH This Week

Sulu is an open-source PHP content management system based on the Symfony framework. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

PHP Privilege Escalation Sulu
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM PATCH This Month

Sulu is an open-source PHP content management system based on the Symfony framework. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

PHP XSS Sulu
NVD GitHub
EPSS 1% CVSS 4.8
MEDIUM PATCH This Month

Sulu is an open-source PHP content management system based on the Symfony framework. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP XSS Sulu
NVD GitHub
EPSS 1% CVSS 5.3
MEDIUM POC PATCH This Month

In Sulu before versions 1.6.35, 2.0.10, and 2.1.1, when the "Forget password" feature on the login screen is used, Sulu asks the user for a username or email address. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Sulu
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy