murasoftware mura cms

13 known vulnerabilities across versions
Vulnerabilities are listed by affected version.
CVE-2025-67830
< 10.1.4
Mura before 10.1.14 allows beanFeed.cfc getQuery sortby SQL injection.
9.8 CRITICAL
CVE-2025-67829
< 10.1.4
Mura before 10.1.14 allows beanFeed.cfc getQuery sortDirection SQL injection.
9.8 CRITICAL
CVE-2025-55046
all versions
MuraCMS through 10.1.10 contains a CSRF vulnerability that allows attackers to permanently destroy all deleted content stored in t
8.1 HIGH
CVE-2025-55045
all versions
The update address CSRF vulnerability in MuraCMS through 10.1.10 allows attackers to manipulate user address information through C
7.1 HIGH
CVE-2025-55044
all versions
The Trash Restore CSRF vulnerability in MuraCMS through 10.1.10 allows attackers to restore deleted content from the trash to unau
8.8 HIGH
CVE-2025-55043
all versions
MuraCMS through 10.1.10 contains a CSRF vulnerability in the bundle creation functionality (csettings.cfc createBundle method) tha
6.5 MEDIUM
CVE-2025-55041
all versions
MuraCMS through 10.1.10 contains a CSRF vulnerability in the Add To Group functionality for user management (cUsers.cfc addToGroup
8.0 HIGH
CVE-2025-55040
all versions
The import form CSRF vulnerability in MuraCMS through 10.1.10 allows attackers to upload and install malicious form definitions th
8.8 HIGH
CVE-2022-47003
< 10.0.580
A vulnerability in the Remember Me function of Mura CMS before v10.0.580 allows attackers to bypass authentication via a crafted w
9.8 CRITICAL
CVE-2018-7486
< 7.0.7029
Blue River Mura CMS before v7.0.7029 supports inline function calls with an [m] tag and [/m] end tag, without proper restrictions
7.2 HIGH
CVE-2017-15639
<= 6.1
tasks/feed/readRSS.cfm in Mura CMS before 6.2 allows attackers to bypass intended access restrictions by leveraging the "draggable
6.5 MEDIUM
CVE-2017-8302
all versions
Mura CMS 7.0.6967 allows admin/?muraAction= XSS attacks, related to admin/core/views/carch/list.cfm, admin/core/views/carch/loadsi
5.4 MEDIUM
CVE-2010-3468
all versions
Directory traversal vulnerability in fileManager.cfc in Mura CMS 5.1 before 5.1.498 and 5.2 before 5.2.2809, and Sava CMS 5 throug
threatengine.sh