ceoo

1 exploit Active since Aug 2025
CVE-2025-52392 NOMISEC MEDIUM WORKING POC
Soosyze CMS 2.0 - Brute-Force Login via Unrestricted Authentication Attempts
Soosyze CMS 2.0 allows brute-force login attacks via the /user/login endpoint due to missing rate-limiting and lockout mechanisms. An attacker can repeatedly submit login attempts without restrictions, potentially gaining unauthorized administrative access. This vulnerability corresponds to CWE-307: Improper Restriction of Excessive Authentication Attempts.
1 stars
CVSS 5.4