Pragyan Cms Project
Products
1- 6 CVEs
Recent CVEs
6| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-4627 | Cri | 0.64 | 9.8 | 0.00 | Sep 7, 2017 | SQL injection vulnerability in Pragyan CMS 3.0. | |
| CVE-2017-14601 | Med | 0.32 | 4.9 | 0.00 | Sep 19, 2017 | Pragyan CMS v3.0 is vulnerable to a Boolean-based SQL injection in cms/admin.lib.php via $_GET['forwhat'], resulting in Information Disclosure. | |
| CVE-2017-14600 | Med | 0.32 | 4.9 | 0.00 | Sep 19, 2017 | Pragyan CMS v3.0 is vulnerable to an Error-Based SQL injection in cms/admin.lib.php via $_GET['del_black'], resulting in Information Disclosure. | |
| CVE-2012-6500 | 0.04 | — | 0.13 | Jan 12, 2013 | Directory traversal vulnerability in download.lib.php in Pragyan CMS 3.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the fileget parameter in a profile action to index.php. | ||
| CVE-2015-1471 | 0.03 | — | 0.05 | Feb 12, 2015 | SQL injection vulnerability in userprofile.lib.php in Pragyan CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to the default URI. | ||
| CVE-2009-1480 | 0.03 | — | 0.00 | Apr 29, 2009 | SQL injection vulnerability in index.php Pragyan CMS 2.6.4 allows remote attackers to execute arbitrary SQL commands via the fileget parameter in a view action and other unspecified vectors. |
- risk 0.64cvss 9.8epss 0.00
SQL injection vulnerability in Pragyan CMS 3.0.
- risk 0.32cvss 4.9epss 0.00
Pragyan CMS v3.0 is vulnerable to a Boolean-based SQL injection in cms/admin.lib.php via $_GET['forwhat'], resulting in Information Disclosure.
- risk 0.32cvss 4.9epss 0.00
Pragyan CMS v3.0 is vulnerable to an Error-Based SQL injection in cms/admin.lib.php via $_GET['del_black'], resulting in Information Disclosure.
- CVE-2012-6500Jan 12, 2013risk 0.04cvss —epss 0.13
Directory traversal vulnerability in download.lib.php in Pragyan CMS 3.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the fileget parameter in a profile action to index.php.
- CVE-2015-1471Feb 12, 2015risk 0.03cvss —epss 0.05
SQL injection vulnerability in userprofile.lib.php in Pragyan CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to the default URI.
- CVE-2009-1480Apr 29, 2009risk 0.03cvss —epss 0.00
SQL injection vulnerability in index.php Pragyan CMS 2.6.4 allows remote attackers to execute arbitrary SQL commands via the fileget parameter in a view action and other unspecified vectors.