Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-32640 PoC — MasaCMS SQL Injection vulnerability

Source
https://github.com/0x3f3c/CVE-2024-32640-SQLI-MuraCMS
Associated Vulnerability
Title:MasaCMS SQL Injection vulnerability (CVE-2024-32640)
Description:MASA CMS is an Enterprise Content Management platform based on open source technology. Versions prior to 7.4.5, 7.3.12, and 7.2.7 contain a SQL injection vulnerability in the `processAsyncObject` method that can result in remote code execution. Versions 7.4.5, 7.3.12, and 7.2.7 contain a fix for the issue.
Readme
<h1>And exploited SQL injection vulnerabilities in Mura/Masa CMS.
</h1>

<h>Save this script as CVE-2024-32640.sh and make it executable:
</h>
```
chmod +x CVE-2024-32640.sh
```
<h>Run it using: </h>
```
./CVE-2024-32640-SQLI-MuraCMS.sh --url https://example.com/ --ghauri '--dump --threads 10'
```


@Helltakerc3rb
File Snapshot

 [4.0K]  /data/pocs/ac4207d0db690d4c58f738cc5821072a674db7a0
├── [3.4K]  CVE-2024-32640-SQLI-MuraCMS.sh
└── [ 316]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →