CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

CVE•added 2026/05/05 7:44 p.m.•12 views

CVE-2026-40329

Masa CMS is affected by a SQL injection in the beanFeed.cfc component (getQuery handling of the sortBy parameter) in versions 7.5.2 and earlier. The vulnerability arises from insufficient sanitization/parameterization of sortBy, allowing an unauthenticated remote attacker to execute arbitrary SQL...

9.3CVSS6AI score0.00302EPSS

Exploits0References1

RedhatCVE•added 2026/03/26 3:19 p.m.•2 views

CVE-2025-67830

Mura before 10.1.14 allows beanFeed.cfc getQuery sortby SQL injection...

9.8CVSS5.8AI score0.00321EPSS

Exploits0References1

NVD•added 2026/03/18 4:16 p.m.•4 views

CVE-2025-67829

Mura before 10.1.14 allows beanFeed.cfc getQuery sortDirection SQL injection...

9.8CVSS0.0026EPSS

Exploits0References1

Vulnrichment•added 2026/03/18 12:0 a.m.•1 views

CVE-2025-67829

Mura before 10.1.14 allows beanFeed.cfc getQuery sortDirection SQL injection...

5.8AI score0.0026EPSS

Exploits0References1

ATTACKERKB•added 2026/03/18 12:0 a.m.•2 views

CVE-2025-67829

Mura before 10.1.14 allows beanFeed.cfc getQuery sortDirection SQL injection...

5.8AI score0.0026EPSS

Exploits0References2

CVE•added 2026/03/18 12:0 a.m.•6 views

CVE-2025-67830

Mura CMS vulnerable before 10.1.14 due to beanFeed.cfc getQuery sortby SQL injection. Root cause is improper handling of sortby in the getQuery path, enabling SQL injection with high impact to confidentiality, integrity, and availability (CVSS 9.8). Mitigation: upgrade to version 10.1.14 or apply...

9.8CVSS5.8AI score0.00321EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by