N3Tr00T3R

Name of the Vulnerable Software and Affected Versions: Pragyan CMS version 2.6.2 Description: The issue allows remote attackers to execute arbitrary PHP code when register globals is enabled. This is achieved via a URL in the `sourceFolder` or `moduleFolder` parameters. Recommendations: For Pragyan CMS version 2.6.2, consider disabling the register globals setting to prevent exploitation. Additionally, restrict access to the cms/modules/form.lib.php module to minimize the risk of arbitrary PHP code execution. Avoid using the `sourceFolder` and `moduleFolder` parameters in URLs until the issue is resolved.