ID
VAR-201102-0502
TITLE
Pragyan CMS SQL Injection and PHP Code Execution Vulnerabilities
Trust: 0.3
sources:
BID: 46573
DESCRIPTION
Pragyan CMS is prone to an SQL-injection vulnerability and a code-execution vulnerability because it fails to sufficiently sanitize user-supplied data. Successfully exploiting these issues may allow an attacker to compromise the application, access or modify data, exploit latent vulnerabilities in the underlying database, or execute arbitrary PHP code in the context of the application. Pragyan CMS 3.0 rev 274 is vulnerable; other versions may be affected.
Trust: 0.3
sources:
BID: 46573
AFFECTED PRODUCTS
| vendor: | pragyan | model: | cms pragyan cms rev | scope: | eq | version: | 3.0274 | Trust: 0.3 |
| vendor: | pragyan | model: | cms pragyan cms | scope: | eq | version: | 3.0 | Trust: 0.3 |
sources:
BID: 46573
THREAT TYPE
network
Trust: 0.3
sources:
BID: 46573
TYPE
Input Validation Error
Trust: 0.3
sources:
BID: 46573
EXTERNAL IDS
| db: | BID | id: | 46573 | Trust: 0.3 |
sources:
BID: 46573
REFERENCES
| url: | http://bugix-security.blogspot.com/2011/02/pragyan-cms-multipy-vulnerabilities.html | Trust: 0.3 |
| url: | http://sourceforge.net/projects/pragyan/ | Trust: 0.3 |
sources:
BID: 46573
CREDITS
Abhishek Lyall
Trust: 0.3
sources:
BID: 46573
SOURCES
| db: | BID | id: | 46573 |
LAST UPDATE DATE
2022-05-17T02:09:59.805000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 46573 | date: | 2011-02-25T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 46573 | date: | 2011-02-25T00:00:00 |