CVE-2026-40329

Masa CMS is an open source content management system. In versions 7.5.2 and earlier, a SQL injection vulnerability exists in the beanFeed.cfc component within the getQuery function's processing of the sortBy parameter. The application fails to properly sanitize or parameterize this input before...

CVE-2026-40329

Masa CMS is an open source content management system. In versions 7.5.2 and earlier, a SQL injection vulnerability exists in the beanFeed.cfc component within the getQuery function's processing of the sortBy parameter. The application fails to properly sanitize or parameterize this input before...

Masa CMS SQL注入漏洞

Masa CMS is an enterprise content management platform based on open-source technology, developed by Masa CMS organization. Masa CMS versions 7.5.2 and earlier have a SQL injection vulnerability. This vulnerability stems from the improper handling of the sortBy parameter in the getQuery function o...

PT-2026-37235

Name of the Vulnerable Software and Affected Versions Masa CMS versions prior to 7.2.10 Masa CMS versions prior to 7.3.15 Masa CMS versions prior to 7.4.10 Masa CMS versions prior to 7.5.3 Description A SQL injection exists in the beanFeed.cfc component within the getQuery function's processing o...

PT-2026-37236

Name of the Vulnerable Software and Affected Versions Masa CMS versions 7.2.0 through 7.2.9 Masa CMS versions 7.3.0 through 7.3.14 Masa CMS versions 7.4.0 through 7.4.9 Masa CMS versions 7.5.0 through 7.5.2 Description A SQL injection issue exists in the beanFeed.cfc component within the getQuery...

CVE-2025-67829

Mura before 10.1.14 allows beanFeed.cfc getQuery sortDirection SQL injection...

EUVD-2025-208838

Mura before 10.1.14 allows beanFeed.cfc getQuery sortby SQL injection...

CVE-2025-67830

Mura before 10.1.14 allows beanFeed.cfc getQuery sortby SQL injection...