.. / CVE-2022-47003

Exploit for Mura CMS <10.0.580 - Authentication Bypass (CVE-2022-47003)

Description:

Mura CMS before 10.0.580 is susceptible to authentication bypass in the Remember Me function. An attacker can bypass authentication via a crafted web request and thereby obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.

Nuclei Template

View the template here CVE-2022-47003.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2022/CVE-2022-47003.yaml
Copy

References:

http://mura.com
https://hoyahaxa.blogspot.com/2023/01/preliminary-security-advisory.html
https://hoyahaxa.blogspot.com/2023/03/authentication-bypass-mura-masa.html
https://www.murasoftware.com/mura-cms/
https://nvd.nist.gov/vuln/detail/CVE-2022-47003