.. / CVE-2024-32640

Exploit for Mura/Masa CMS - Unauthenticated SQL Injection (CVE-2024-32640)

Description:

The Mura/Masa CMS is vulnerable to SQL Injection, allowing unauthenticated attackers to execute arbitrary SQL commands via crafted input to the application. This vulnerability can lead to unauthorized access to sensitive data.

Affected Products:

Proof of Concept

PoC exploits

Nuclei Template

View the template here CVE-2024-32640.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-32640.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2024-32640