CVE-2026-3325
SQL Injection in MegaCMS v12.0.0 Allows Arbitrary Query Execution
Publication date: 2026-04-29
Last updated on: 2026-04-29
Assigner: Spanish National Cybersecurity Institute, S.A. (INCIBE)
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| crm_sistemas_de_fidelizacion | megacms | 12.0.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-3325 is a critical SQL injection vulnerability found in MegaCMS version 12.0.0, a software used for managing reservation systems, ticketing, and online sales.
The vulnerability exists specifically in the “id_territorio” parameter of the “/web_comunications/cms/get_provincias” endpoint. This parameter is processed immediately after a registration form is submitted.
Due to inadequate validation and sanitization of user input, an unauthenticated attacker can manipulate the “id_territorio” parameter via a POST request to execute arbitrary SQL queries on the backend database.
How can this vulnerability impact me? :
This vulnerability allows an unauthenticated attacker to execute arbitrary SQL queries on the MegaCMS database.
- Potential impacts include unauthorized data access, data modification, data deletion, or even complete compromise of the backend database.
- Since the vulnerability is critical with a CVSS score of 10.0, it poses a high risk to the confidentiality, integrity, and availability of the affected system.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The vulnerability exists in the “id_territorio” parameter of the “/web_comunications/cms/get_provincias” endpoint, which is accessed via a POST request immediately after the registration form submission.
To detect this vulnerability on your system or network, you can monitor or test POST requests to this endpoint and specifically check if the “id_territorio” parameter is vulnerable to SQL injection by attempting to inject SQL payloads.
While no specific commands are provided in the resources, typical detection methods include using tools like sqlmap or crafting manual POST requests with SQL injection payloads targeting the “id_territorio” parameter at the “/web_comunications/cms/get_provincias” endpoint.
What immediate steps should I take to mitigate this vulnerability?
The recommended immediate mitigation step is to update MegaCMS to the latest available version where this SQL injection vulnerability has been fixed.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify how the SQL injection vulnerability in MegaCMS v12.0.0 directly affects compliance with common standards and regulations such as GDPR or HIPAA.
Can you explain this vulnerability to me?
CVE-2026-3325 is a critical SQL injection vulnerability found in MegaCMS version 12.0.0, a software used for managing reservation systems, ticketing, and online sales.
The vulnerability exists in the “id_territorio” parameter of the “/web_comunications/cms/get_provincias” endpoint, which is processed immediately after a registration form is submitted.
Due to inadequate validation and sanitization of this parameter, an unauthenticated attacker can exploit it via a POST request to execute arbitrary SQL queries on the backend database.
How can this vulnerability impact me? :
This vulnerability allows an unauthenticated attacker to execute arbitrary SQL queries on the backend database of MegaCMS.
- Potential unauthorized access to sensitive data stored in the database.
- Data manipulation or deletion, leading to data integrity issues.
- Compromise of the entire system's confidentiality, integrity, and availability.
- Disruption of services such as reservation systems, ticketing, and online sales managed by MegaCMS.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The vulnerability exists in the “id_territorio” parameter of the “/web_comunications/cms/get_provincias” endpoint, which is accessed via a POST request immediately after the registration form submission.
Detection can involve monitoring POST requests to this endpoint and inspecting the “id_territorio” parameter for suspicious or malformed input that could indicate SQL injection attempts.
Specific commands are not provided in the available resources.
What immediate steps should I take to mitigate this vulnerability?
The recommended immediate mitigation is to update MegaCMS to the latest available version where this SQL injection vulnerability has been fixed.