Description

Mura/Masa CMS has an SQL Injection vulnerability that allows unauthenticated attackers to gain access to sensitive data and compromise the system.

Remediation

Upgrade to the latest version of Mura CMS or Masa CMS

References

Hacking Apple - SQL Injection to Remote Code Execution

Related Vulnerabilities

Oracle JRE CVE-2013-2468 Vulnerability (CVE-2013-2468)

WordPress Plugin Spam protection, AntiSpam, FireWall by CleanTalk SQL Injection (5.185)

WordPress Plugin Cart66 Lite::WordPress Ecommerce SQL Injection (1.5.1.17)

PHP Other Vulnerability (CVE-2003-0097)

WordPress Improper Input Validation Vulnerability (CVE-2019-20041)

Severity

Critical

Classification

CVE-2024-32640 CWE-89 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

SQL Injection Known Vulnerabilities