154 matches found
SQL Injection
Overview: bolt/bolt is a sophisticated, lightweight & simple CMS. Affected versions of this package are vulnerable to SQL Injection via the order parameter in content listing pages through the OrderDirective component. An attacker can extract sensitive information from the database by injecting...
CVE-2026-39229
Bolt CMS through 3.7.0 allows SQL Injection in the 'order' parameter of the content listing pages. An authenticated attacker with low-level privileges can exploit this through the OrderDirective component. This allows for the extraction of sensitive information...
CVE-2026-39229
Bolt CMS through 3.7.0 allows SQL Injection in the 'order' parameter of the content listing pages. An authenticated attacker with low-level privileges can exploit this through the OrderDirective component. This allows for the extraction of sensitive information...
Bolt CMS Security Vulnerability
Bolt CMS is an open-source content management system based on PHP, developed by Bolt CMS. Versions of Bolt CMS 3.7.0 and earlier contain security vulnerabilities, which stem from SQL injection vulnerabilities in the order parameter of the content list page. Attackers with low privileges and...
CVE-2026-39229
Bolt CMS up to version 3.7.0 is affected by an SQL Injection in the order parameter of content listing pages, exploitable by an authenticated attacker with low privileges via the OrderDirective component. This can lead to extraction of sensitive information. The CVSS 3.1 base score is 6.5 (Medium...
CVE-2026-39229
Bolt CMS through 3.7.0 allows SQL Injection in the 'order' parameter of the content listing pages. An authenticated attacker with low-level privileges can exploit this through the OrderDirective component. This allows for the extraction of sensitive information...
CVE-2026-39229
Bolt CMS through 3.7.0 allows SQL Injection in the 'order' parameter of the content listing pages. An authenticated attacker with low-level privileges can exploit this through the OrderDirective component. This allows for the extraction of sensitive information...
PT-2026-44900
Bolt CMS through 3.7.0 allows SQL Injection in the 'order' parameter of the content listing pages. An authenticated attacker with low-level privileges can exploit this through the OrderDirective component. This allows for the extraction of sensitive information...
EUVD-2020-0462
Malware in sbrugna...
EUVD-2020-0450
Malware in sbrugna...
EUVD-2022-2176
Malicious code in bioql PyPI...
EUVD-2024-48241
Malicious code in bioql PyPI...
EUVD-2025-19905
Malicious code in bioql PyPI...
EUVD-2024-2450
Malicious code in bioql PyPI...
EUVD-2022-3972
Malicious code in bioql PyPI...
EUVD-2022-2649
Malicious code in bioql PyPI...
EUVD-2022-1744
Malicious code in bioql PyPI...
EUVD-2022-4198
Malicious code in bioql PyPI...
The filename of uploaded files vulnerable to stored XSS in Bolt CMS
...
CSRF issue on preview pages in Bolt CMS
...