Home

Description

Soosyze 2.0.0 contains a file upload vulnerability that allows attackers to upload arbitrary HTML files with embedded PHP code to the application. Attackers can exploit the broken file upload mechanism to potentially view sensitive file paths and execute malicious PHP scripts on the server.

PUBLISHED Reserved 2025-12-13 | Published 2025-12-15 | Updated 2025-12-15 | Assigner VulnCheck




MEDIUM: 6.9CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Problem types

Unrestricted Upload of File with Dangerous Type

Product status

2.0.0
affected

Credits

nu11secur1ty finder

References

www.exploit-db.com/exploits/51718 (ExploitDB-51718) exploit

soosyze.com/ (soosyze Product Homepage) product

github.com/soosyze/soosyze (soosyze GitHub Repository) product

www.vulncheck.com/...ted-file-upload-via-broken-upload-logic (VulnCheck Advisory: Soosyze 2.0.0 Unrestricted File Upload via Broken Upload Logic) third-party-advisory

cve.org (CVE-2023-53871)

nvd.nist.gov (CVE-2023-53871)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.