CVE-2025-55040
The CVE-2025-55040 issue affects MuraCMS 10.1.10 and earlier, due to a CSRF token validation flaw in the cForm.importform function. This allows an authenticated admin visiting a crafted page to upload and install attacker-controlled form definitions via a forged ZIP file, potentially creating dat...