WEB APPLICATION VULNERABILITIES Standard & Premium

Mura/Masa CMS SQLi (CVE-2024-32640)

Description

Mura/Masa CMS has an SQL Injection vulnerability that allows unauthenticated attackers to gain access to sensitive data and compromise the system.

Remediation

Upgrade to the latest version of Mura CMS or Masa CMS

References

Hacking Apple - SQL Injection to Remote Code Execution

Related Vulnerabilities

Ruby on Rails Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-3086)

MySQL CVE-2013-3798 Vulnerability (CVE-2013-3798)

PHP CVE-2012-2688 Vulnerability (CVE-2012-2688)

WordPress Cleartext Storage of Sensitive Information Vulnerability (CVE-2017-14990)

phpMyAdmin Other Vulnerability (CVE-2007-0095)

Severity

Critical

Classification

CVE-2024-32640 CWE-89 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

SQL Injection Known Vulnerabilities