Pragyan Cms Project: >> Pragyan Cms >> 2.6.4 Security Vulnerabilities
Directory traversal vulnerability in download.lib.php in Pragyan CMS 3.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the fileget parameter in a profile action to index.php.
CVSS Score
5.0
EPSS Score
0.075
Published
2013-01-12
SQL injection vulnerability in index.php Pragyan CMS 2.6.4 allows remote attackers to execute arbitrary SQL commands via the fileget parameter in a view action and other unspecified vectors.
CVSS Score
7.5
EPSS Score
0.003
Published
2009-04-29