Boolean-based SQL Injection in Pragyan CMS v3.0 via $_GET['forwhat']: Information Disclosure Vulnerability
CVE-2017-14601 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:N/A:N
Pragyan CMS v3.0 is vulnerable to a Boolean-based SQL injection in cms/admin.lib.php via $_GET['forwhat'], resulting in Information Disclosure.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.