{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T06:36:25.209","vulnerabilities":[{"cve":{"id":"CVE-2024-32640","sourceIdentifier":"security-advisories@github.com","published":"2025-08-11T21:15:26.647","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"MASA CMS is an Enterprise Content Management platform based on open source technology. Versions prior to 7.4.5, 7.3.12, and 7.2.7 contain a SQL injection vulnerability in the `processAsyncObject` method that can result in remote code execution. Versions 7.4.5, 7.3.12, and 7.2.7 contain a fix for the issue."},{"lang":"es","value":"MASA CMS es una plataforma de gestión de contenido empresarial basada en tecnología de código abierto. Las versiones anteriores a la 7.4.6, 7.3.13 y 7.2.8 contienen una vulnerabilidad de inyección SQL en el método `processAsyncObject` que puede provocar la ejecución remota de código. Las versiones 7.4.6, 7.3.13 y 7.2.8 incluyen una solución para este problema."}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-89"}]}],"references":[{"url":"https://github.com/MasaCMS/MasaCMS/commit/259fc6061d022d5025a3289a3f8de9852ad9c91d","source":"security-advisories@github.com"},{"url":"https://github.com/MasaCMS/MasaCMS/commit/280489e2d6c8daf5022fdb0225235462dd9d4534","source":"security-advisories@github.com"},{"url":"https://github.com/MasaCMS/MasaCMS/commit/3d6319b8775bb6438bc822d845926990511f5075","source":"security-advisories@github.com"},{"url":"https://github.com/MasaCMS/MasaCMS/security/advisories/GHSA-24rr-gwx3-jhqc","source":"security-advisories@github.com"},{"url":"https://github.com/Stuub/CVE-2024-32640-SQLI-MuraCMS","source":"security-advisories@github.com"},{"url":"https://projectdiscovery.io/blog/hacking-apple-with-sql-injection?ref=projectdiscovery-io-blog-newsletter","source":"security-advisories@github.com"},{"url":"https://www.seebug.org/vuldb/ssvid-99835","source":"security-advisories@github.com"}]}}]}