5 matches found
CVE-2025-67830
Mura before 10.1.14 allows beanFeed.cfc getQuery sortby SQL injection...
CVE-2025-67830
Mura before 10.1.14 allows beanFeed.cfc getQuery sortby SQL injection...
Mura 安全漏洞
Mura is a content management system developed by Mura Corporation. Versions of Mura prior to 10.1.14 contained security vulnerabilities, which were caused by SQL injection attacks in the getQuery sortDirection parameter of the beanFeed.cfc file...
Mura 安全漏洞
Mura is a content management system developed by Mura Corporation. Versions of Mura 10.1.10 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the lack of CSRF token verification in the update URL, which could lead to manipulation of user information...
CVE-2025-67829
CVE-2025-67829 affects Mura prior to 10.1.14. The issue is a SQL injection in beanFeed.cfc getQuery sortDirection, enabling high-severity (CVSS 9.8) impact with network attack vector and no user interaction. Affected component: Mura CMS (beanFeed.cfc). Root cause: improper handling of sortDirecti...