Vulnerabilidades em MasaCMS
13 resultadosCVE-2024-32640CRITICALMasaCMS SQL Injection vulnerabilityEPSS 68.6%CVE-2024-32641CRITICALMasa CMS Vulnerable to Pre-Auth RCE via JSON APIEPSS 10.6%CVE-2026-40330CRITICALMasa CMS SQL injection via sortDirection parameter in beanFeedEPSS 0.4%CVE-2026-40332MEDIUMMasa CMS open redirect via improper handling of scheme-relative URLsEPSS 0.3%CVE-2026-40331CRITICALMasa CMS unauthenticated SQL injection via altTable parameter in JSON APIEPSS 0.3%CVE-2024-32643HIGHMasa CMS vulnerable to authentication bypass with /tag/EPSS 0.3%CVE-2026-40329CRITICALSQL Injection vulnerability via sortBy in beanFeedEPSS 0.3%CVE-2025-66492HIGHMasa CMS vulnerable to Cross-Site Scripting (XSS) through URL ParameterEPSS 0.2%CVE-2026-40309HIGHMasa CMS CSRF in trash management allows unauthorized permanent deletion of deleted contentEPSS 0.2%CVE-2026-40174HIGHMasa CMS CSRF in user address management allows unauthorized address changesEPSS 0.2%CVE-2024-32642HIGHHost header poisoning allows account takeover via password reset emailEPSS 0.2%CVE-2026-40326HIGHMasa CMS CSRF in site bundle creation allows unauthorized site data exportEPSS 0.2%CVE-2026-40325HIGHMasa CMS CSRF in content restoration allows unauthorized restoration of deleted contentEPSS 0.2%