SQL Injection in Purei Cms
CVE-2024-58301
Purei CMS 1.0 contains a time-based blind SQL injection vulnerability that allows attackers to manipulate database queries through unfiltered user input parameters. Attackers can exploit vulnerable endpoints like getAllParks.php and events…
Vulnerability class: SQL Injection
EPSS: 0.003 (16.8th percentile) — read the EPSS interpretation.
Affected products
- Purei Cms — versions 1.0
Weakness classification (CWE)
References
- disclosure@vulncheck.com (exploit)
- disclosure@vulncheck.com (product)
- disclosure@vulncheck.com (third-party-advisory)