CVE-2017-14600

Name of the Vulnerable Software and Affected Versions Pragyan CMS version 3.0

Description The issue concerns an Error-Based SQL injection, which can lead to Information Disclosure. This occurs in the cms/admin.lib.php file via the del black variable in the $ GET request.

Recommendations For Pragyan CMS version 3.0, consider restricting access to the cms/admin.lib.php file until a patch is available. As a temporary workaround, avoid using the del black variable in the $ GET request to minimize the risk of exploitation.