CVE-2026-39229 | Bolt CMS up to 3.7.0 OrderDirective order sql injection

A vulnerability identified as critical has been detected in Bolt CMS up to 3.7.0. The affected element is an unknown function of the component OrderDirective. This manipulation of the argument order causes sql injection.

This vulnerability is registered as CVE-2026-39229. Remote exploitation of the attack is possible. No exploit is available.VulDB Recent EntriesRead More