Want to get paid for a vulnerability similar to this one?
Contact us at: email@example.com
The following advisory describes two (2) vulnerabilities found in MuraCMS version 6.2. MuraCMS is an open source content management system for CFML, created by Blue River Interactive Group. Mura has been designed to be used by marketing departments, web designers and developers.
The vulnerabilities found in MuraCMS are:
- Unauthenticated remote arbitrary code execution
- Unrestricted file upload
An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.
BlurRiver has released patch to address the vulnerabilities: “we put builds with the vulnerabilities patched and then released a blog as well as communicated via our Google group, Slack channel, twitter and mailing list.”
The patch and blog post can be found here