Filtered by vendor Masacms
Subscriptions
Filtered by product Masacms
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-32640 | 1 Masacms | 1 Masacms | 2025-08-12 | 9.8 Critical |
| MASA CMS is an Enterprise Content Management platform based on open source technology. Versions prior to 7.4.6, 7.3.13, and 7.2.8 contain a SQL injection vulnerability in the `processAsyncObject` method that can result in remote code execution. Versions 7.4.6, 7.3.13, and 7.2.8 contain a fix for the issue. | ||||
| CVE-2022-47002 | 1 Masacms | 1 Masacms | 2024-11-21 | 9.8 Critical |
| A vulnerability in the Remember Me function of Masa CMS v7.2, 7.3, and 7.4-beta allows attackers to bypass authentication via a crafted web request. | ||||
| CVE-2021-42183 | 1 Masacms | 1 Masacms | 2024-11-21 | 7.5 High |
| MasaCMS 7.2.1 is affected by a path traversal vulnerability in /index.cfm/_api/asset/image/. | ||||
Page 1 of 1.