CVE-2026-40331 | Masa CMS up to 7.2.9/7.3.14/7.4.9/7.5.2 feedGateway.cfc setAltTable altTable sql injection (GHSA-jphh-r686-6w7j)

Inserito da Angelo Barbosa | Mag 5, 2026 | CVE

A vulnerability categorized as critical has been discovered in Masa CMS up to 7.2.9/7.3.14/7.4.9/7.5.2. Affected is the function setAltTable of the file feedGateway.cfc. Such manipulation of the argument altTable leads to sql injection.

This vulnerability is referenced as CVE-2026-40331. It is possible to launch the attack remotely. No exploit is available.

It is advisable to upgrade the affected component.

CVE-2026-40331 | Masa CMS up to 7.2.9/7.3.14/7.4.9/7.5.2 feedGateway.cfc setAltTable altTable sql injection (GHSA-jphh-r686-6w7j)

Post correlati

CVE-2025-21627 | GLPI up to 10.0.17 Search Page cross site scripting (GHSA-qm8p-jmj2-qfc2)

CVE-2024-32952 | BloomPixel Max Addons Pro for Bricks Plugin up to 1.6.1 on WordPress cross site scripting

CVE-2025-11431 | code-projects Web-Based Inventory and POS System 1.0 /transaction.php shopid sql injection

CVE-2026-31423 | Linux Kernel up to 6.1.167/6.6.133/6.12.80/6.18.21/6.19.11 rtsc_min divide by zero