CVE-2024-32640 PoC — Masa CMS SQL注入漏洞

Source

https://github.com/0xYumeko/CVE-2024-32640-SQLI-MuraCMS

Associated Vulnerability

Title:Masa CMS SQL注入漏洞 (CVE-2024-32640)
Description:Masa CMS是一个数字体验平台。 MASA CMS 7.4.6之前版本、7.3.13之前版本和7.2.8之前版本存在SQL注入漏洞，该漏洞源于processAsyncObject方法存在SQL注入，可能导致远程代码执行。

Readme

<h1>And exploited SQL injection vulnerabilities in Mura/Masa CMS.
</h1>

<h>Save this script as CVE-2024-32640.sh and make it executable:
</h>
```
chmod +x CVE-2024-32640.sh
```
<h>Run it using: </h>
```
./CVE-2024-32640-SQLI-MuraCMS.sh --url https://example.com/ --ghauri '--dump --threads 10'
```


@Helltakerc3rb

File Snapshot


 [4.0K]  /data/pocs/07825868fc23e9163c6827dafc8a9d418372fa23
├── [3.4K]  CVE-2024-32640-SQLI-MuraCMS.sh
└── [ 316]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!