Unrated severityNVD Advisory· Published Feb 12, 2015· Updated May 6, 2026

CVE-2015-1471

Description

SQL injection vulnerability in userprofile.lib.php in Pragyan CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to the default URI.

Affected products

Pragyan Cms Project/Pragyan CMS
cpe:2.3:a:pragyan_cms_project:pragyan_cms:3.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

pastebin.com/ip2gGYuSnvdExploit
sroesemann.blogspot.de/2015/01/sroeadv-2015-11.htmlnvdExploit
sroesemann.blogspot.de/2015/02/advisory-for-sroeadv-2015-11.htmlnvdExploit
seclists.org/fulldisclosure/2015/Feb/18nvd
seclists.org/oss-sec/2015/q1/402nvd
github.com/delta/pragyan/commit/c93bc100ec93fc78940fbdca9b6b009101858309nvd
github.com/delta/pragyan/issues/206nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000