CVE-2008-3207

Name of the Vulnerable Software and Affected Versions: Pragyan CMS version 2.6.2

Description: The issue allows remote attackers to execute arbitrary PHP code when register globals is enabled. This is achieved via a URL in the sourceFolder or moduleFolder parameters.

Recommendations: For Pragyan CMS version 2.6.2, consider disabling the register globals setting to prevent exploitation. Additionally, restrict access to the cms/modules/form.lib.php module to minimize the risk of arbitrary PHP code execution. Avoid using the sourceFolder and moduleFolder parameters in URLs until the issue is resolved.