Lucene search
K

4 matches found

OSV
OSV
added 2026/06/16 7:27 p.m.8 views

MAL-2026-5916 Malicious code in nottuff25 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 238a4f56f3433bf34de372e9a26264a33e33c6bde8592ddc73594d33ab7427f0 The tarball is not a Node library. package.json declares main: sw.js with description "package" and an empty author; sw.js is a browser ServiceWorker...

6AI score
Exploits0References4
NVD
NVD
added 2026/03/18 4:16 p.m.5 views

CVE-2025-55043

MuraCMS through 10.1.10 contains a CSRF vulnerability in the bundle creation functionality csettings.cfc createBundle method that allows unauthenticated attackers to force administrators to create and save site bundles containing sensitive data to publicly accessible directories. This vulnerabili...

6.5CVSS0.00162EPSS
Exploits0References2
CVE
CVE
added 2026/03/18 12:0 a.m.11 views

CVE-2025-55043

MuraCMS up to version 10.1.10 contains a CSRF flaw in the bundle creation flow (csettings.cfc createBundle) that allows unauthenticated attackers to force admins to create and save site bundles containing sensitive data into publicly accessible directories. This can enable complete data exfiltrat...

6.5CVSS5.6AI score0.00162EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/18 12:0 a.m.4 views

CVE-2025-55043

MuraCMS through 10.1.10 contains a CSRF vulnerability in the bundle creation functionality csettings.cfc createBundle method that allows unauthenticated attackers to force administrators to create and save site bundles containing sensitive data to publicly accessible directories. This vulnerabili...

5.6AI score0.00162EPSS
Exploits0References3
Rows per page
Query Builder