EUVD-2017-7090

🗓️ 07 Oct 2025 00:30:54Reported by EUVDType

Mura CMS before 6.2 allows bypass of access restrictions via draggable feeds feature

Reporter	Title	Published	Views	Family All 9
0day.today	Mura CMS < 6.2 - Server-Side Request Forgery / XML External Entity Injection Vulnerabilities	25 Oct 201700:00	–	zdt
CNVD	Blue River Interactive Mura CMS XML External Entity Injection Vulnerability	30 Oct 201700:00	–	cnvd
CVE	CVE-2017-15639	19 Oct 201719:00	–	cve
Cvelist	CVE-2017-15639	19 Oct 201719:00	–	cvelist
Exploit DB	Mura CMS < 6.2 - Server-Side Request Forgery / XML External Entity Injection	24 Oct 201700:00	–	exploitdb
exploitpack	Mura CMS 6.2 - Server-Side Request Forgery XML External Entity Injection	24 Oct 201700:00	–	exploitpack
NVD	CVE-2017-15639	19 Oct 201719:29	–	nvd
Packet Storm	Mura CMS Server-Side Request Forgery / XXE Injection	26 Oct 201700:00	–	packetstorm
Prion	Design/Logic Flaw	19 Oct 201719:29	–	prion

[
  {
    "enisaIdVendor": [
      {
        "id": "b2fff340-50d3-3921-aa52-7ae04a7a1206",
        "vendor": {
          "name": "n/a"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "d22162d0-259a-318e-8677-72ee6b7b2809",
        "product": {
          "name": "n/a"
        },
        "product_version": "n/a"
      }
    ]
  }
]

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/cve/CVE-2017-15639
exploit-db	www.exploit-db.com/exploits/43045/
securityfocus	www.securityfocus.com/bid/101603
getmura	www.getmura.com/blog/critical-security-update-for-mura-cms-version-6-1-and-earlier/
github	www.github.com/advisories/GHSA-293c-r3p4-g63r

07 Oct 2025 00:30Current

6.5Medium risk

Vulners AI Score6.5

CVSS 36.5

CVSS 24

EPSS0.04241