Sunlight-Cms Sunlight Cms vulnerabilities
3 known vulnerabilities affecting sunlight-cms/sunlight_cms.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2007-2774P3HIGHCVSS 7.5PoCv5.32007-05-21
CVE-2007-2774 [HIGH] CVE-2007-2774: Multiple PHP remote file inclusion vulnerabilities in SunLight CMS 5.3 allow remote attackers to exe
Multiple PHP remote file inclusion vulnerabilities in SunLight CMS 5.3 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to (1) _connect.php or (2) modules/startup.php.
nvd
CVE-2023-48201P4MEDIUMCVSS 5.4v8.0.12024-01-27
CVE-2023-48201 [MEDIUM] CWE-79 CVE-2023-48201: Cross Site Scripting (XSS) vulnerability in Sunlight CMS v.8.0.1, allows remote authenticated attack
Cross Site Scripting (XSS) vulnerability in Sunlight CMS v.8.0.1, allows remote authenticated attackers to execute arbitrary code and escalate privileges via a crafted script to the Content text editor component.
nvd
CVE-2023-48202P4MEDIUMCVSS 5.4v8.0.12024-01-27
CVE-2023-48202 [MEDIUM] CWE-79 CVE-2023-48202: Cross-Site Scripting (XSS) vulnerability in Sunlight CMS 8.0.1 allows an authenticated low-privilege
Cross-Site Scripting (XSS) vulnerability in Sunlight CMS 8.0.1 allows an authenticated low-privileged user to escalate privileges via a crafted SVG file in the File Manager component.
nvd