NVD Vulnerability Detail

Search Exploit, PoC

Exploit DB

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-39229

Summary	Bolt CMS through 3.7.0 allows SQL Injection in the 'order' parameter of the content listing pages. An authenticated attacker with low-level privileges can exploit this through the OrderDirective component. This allows for the extraction of sensitive information
Publication Date	May 30, 2026, 1:16 a.m.
Registration Date	May 30, 2026, 4:15 a.m.
Last Update	May 30, 2026, 1:32 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://boltcms.io/	cve@mitre.org
2	https://github.com/Tonoss-412/My-CVE/blob/main/CVE-2026-39229.md	cve@mitre.org
3	https://github.com/bolt/bolt	cve@mitre.org

Common Vulnerabilities List