21 matches found
CVE-2026-40329
Masa CMS is an open source content management system. In versions 7.5.2 and earlier, a SQL injection vulnerability exists in the beanFeed.cfc component within the getQuery function's processing of the sortBy parameter. The application fails to properly sanitize or parameterize this input before...
CVE-2026-40330
Masa CMS is an open source content management system. In versions 7.2.0 through 7.2.9, 7.3.0 through 7.3.14, 7.4.0 through 7.4.9, and 7.5.0 through 7.5.2, a SQL injection vulnerability exists in the beanFeed.cfc component within the getQuery function's handling of the sortDirection parameter. The...
CVE-2026-40330 Masa CMS SQL injection via sortDirection parameter in beanFeed
Masa CMS is an open source content management system. In versions 7.2.0 through 7.2.9, 7.3.0 through 7.3.14, 7.4.0 through 7.4.9, and 7.5.0 through 7.5.2, a SQL injection vulnerability exists in the beanFeed.cfc component within the getQuery function's handling of the sortDirection parameter. The...
CVE-2026-40330
Summary of CVE-2026-40330 : Masa CMS is affected by an SQL injection in the beanFeed.cfc component, specifically in the getQuery function when handling the sortDirection parameter. The parameter is concatenated directly into SQL queries without sanitization or parameterization, enabling an unauth...
CVE-2026-40330
Masa CMS is an open source content management system. In versions 7.2.0 through 7.2.9, 7.3.0 through 7.3.14, 7.4.0 through 7.4.9, and 7.5.0 through 7.5.2, a SQL injection vulnerability exists in the beanFeed.cfc component within the getQuery function's handling of the sortDirection parameter. The...
EUVD-2026-27480
Masa CMS is an open source content management system. In versions 7.2.0 through 7.2.9, 7.3.0 through 7.3.14, 7.4.0 through 7.4.9, and 7.5.0 through 7.5.2, a SQL injection vulnerability exists in the beanFeed.cfc component within the getQuery function's handling of the sortDirection parameter. The...
CVE-2026-40330 Masa CMS SQL injection via sortDirection parameter in beanFeed
Masa CMS is an open source content management system. In versions 7.2.0 through 7.2.9, 7.3.0 through 7.3.14, 7.4.0 through 7.4.9, and 7.5.0 through 7.5.2, a SQL injection vulnerability exists in the beanFeed.cfc component within the getQuery function's handling of the sortDirection parameter. The...
CVE-2026-40329 SQL Injection vulnerability via sortBy in beanFeed
Masa CMS is an open source content management system. In versions 7.5.2 and earlier, a SQL injection vulnerability exists in the beanFeed.cfc component within the getQuery function's processing of the sortBy parameter. The application fails to properly sanitize or parameterize this input before...
EUVD-2026-27478
Masa CMS is an open source content management system. In versions 7.5.2 and earlier, a SQL injection vulnerability exists in the beanFeed.cfc component within the getQuery function's processing of the sortBy parameter. The application fails to properly sanitize or parameterize this input before...
CVE-2026-40329 SQL Injection vulnerability via sortBy in beanFeed
Masa CMS is an open source content management system. In versions 7.5.2 and earlier, a SQL injection vulnerability exists in the beanFeed.cfc component within the getQuery function's processing of the sortBy parameter. The application fails to properly sanitize or parameterize this input before...
Masa CMS SQL注入漏洞
Masa CMS is a digital experience platform operated by Masa CMS organization. Masa CMS has a SQL injection vulnerability, which stems from improper handling of the sortDirection parameter in the getQuery function of the beanFeed.cfc component. This vulnerability could allow unauthenticated remote...
EUVD-2025-208836
Mura before 10.1.14 allows beanFeed.cfc getQuery sortDirection SQL injection...
CVE-2025-67830
Mura before 10.1.14 allows beanFeed.cfc getQuery sortby SQL injection...
Mura 安全漏洞
Mura is a content management system developed by Mura Corporation. Versions of Mura prior to 10.1.14 contained security vulnerabilities, which were caused by SQL injection attacks in the getQuery and sortby parameters of the beanFeed.cfc file...
CVE-2025-67830
Mura before 10.1.14 allows beanFeed.cfc getQuery sortby SQL injection...
PT-2026-26085
CVE-2025-67829 Mura before 10.1.14 allows beanFeed.cfc getQuery sortDirection SQL injection. https://t.co/EsT6nGpd9g...
PT-2026-26086
CVE-2025-67830 Mura before 10.1.14 allows beanFeed.cfc getQuery sortby SQL injection. https://t.co/IUknqurxhS...
CVE-2025-67829
Mura before 10.1.14 allows beanFeed.cfc getQuery sortDirection SQL injection...
CVE-2025-67830
Mura before 10.1.14 allows beanFeed.cfc getQuery sortby SQL injection...
Mura 安全漏洞
Mura is a content management system developed by Mura Corporation. Versions of Mura prior to 10.1.14 contained security vulnerabilities, which were caused by SQL injection attacks in the getQuery sortDirection parameter of the beanFeed.cfc file...