Lucene search
K

6 matches found

NVD
NVD
added 2026/05/06 8:16 p.m.28 views

CVE-2026-40325

Masa CMS is a content management system forked from Mura CMS. In versions 7.5.2 and earlier, the cTrash.restore function does not properly validate anti-CSRF tokens for content restoration requests. An attacker can trick a logged-in administrator to submit a forged request that restores deleted...

8.7CVSS0.00151EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.12 views

PT-2026-38228

Name of the Vulnerable Software and Affected Versions Masa CMS versions prior to 7.2.10 Masa CMS versions prior to 7.3.15 Masa CMS versions prior to 7.4.10 Masa CMS versions prior to 7.5.3 Description The cTrash.restore function fails to properly validate anti-CSRF Cross-Site Request Forgery toke...

8.7CVSS5.7AI score0.00151EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/03/26 3:19 p.m.4 views

CVE-2025-55044

The Trash Restore CSRF vulnerability in MuraCMS through 10.1.10 allows attackers to restore deleted content from the trash to unauthorized locations through CSRF. The vulnerable cTrash.restore function lacks CSRF token validation, enabling malicious websites to forge requests that restore content...

8.8CVSS5.8AI score0.00128EPSS
Exploits0References1
NVD
NVD
added 2026/03/18 4:16 p.m.8 views

CVE-2025-55044

The Trash Restore CSRF vulnerability in MuraCMS through 10.1.10 allows attackers to restore deleted content from the trash to unauthorized locations through CSRF. The vulnerable cTrash.restore function lacks CSRF token validation, enabling malicious websites to forge requests that restore content...

8.8CVSS0.00128EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/03/18 12:0 a.m.6 views

PT-2026-26082

The Trash Restore CSRF vulnerability in MuraCMS through 10.1.10 allows attackers to restore deleted content from the trash to unauthorized locations through CSRF. The vulnerable cTrash.restore function lacks CSRF token validation, enabling malicious websites to forge requests that restore content...

8.8CVSS5.8AI score0.00128EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/03/18 12:0 a.m.3 views

CVE-2025-55044

The Trash Restore CSRF vulnerability in MuraCMS through 10.1.10 allows attackers to restore deleted content from the trash to unauthorized locations through CSRF. The vulnerable cTrash.restore function lacks CSRF token validation, enabling malicious websites to forge requests that restore content...

5.8AI score0.00128EPSS
Exploits0References3
Rows per page
Query Builder