Lnyzx

**Name of the Vulnerable Software and Affected Versions** Pragyan CMS version 3.0 **Description** The issue concerns an Error-Based SQL injection, which can lead to Information Disclosure. This occurs in the cms/admin.lib.php file via the `del black` variable in the $ GET request. **Recommendations** For Pragyan CMS version 3.0, consider restricting access to the cms/admin.lib.php file until a patch is available. As a temporary workaround, avoid using the `del black` variable in the $ GET request to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Pragyan CMS version 3.0 **Description** The issue is related to a Boolean-based SQL injection, which can lead to Information Disclosure. This occurs in the cms/admin.lib.php file via the `forwhat` variable in the $ GET request. **Recommendations** For Pragyan CMS version 3.0, consider restricting access to the cms/admin.lib.php file until a patch is available. As a temporary workaround, avoid using the `forwhat` variable in the affected API endpoint to minimize the risk of exploitation.