5 matches found
CVE-2025-67830
Mura before 10.1.14 allows beanFeed.cfc getQuery sortby SQL injection...
CVE-2025-67829
Mura before 10.1.14 allows beanFeed.cfc getQuery sortDirection SQL injection...
EUVD-2025-208838
Mura before 10.1.14 allows beanFeed.cfc getQuery sortby SQL injection...
CVE-2025-67829
Mura before 10.1.14 allows beanFeed.cfc getQuery sortDirection SQL injection...
CVE-2025-67830
Mura CMS vulnerable before 10.1.14 due to beanFeed.cfc getQuery sortby SQL injection. Root cause is improper handling of sortby in the getQuery path, enabling SQL injection with high impact to confidentiality, integrity, and availability (CVSS 9.8). Mitigation: upgrade to version 10.1.14 or apply...