CVE-2024-58301

UNKNOWN 0.0

Purei CMS 1.0 SQL Injection via Multiple Vulnerable Endpoints

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Purei CMS 1.0 contains a time-based blind SQL injection vulnerability that allows attackers to manipulate database queries through unfiltered user input parameters. Attackers can exploit vulnerable endpoints like getAllParks.php and events-ajax.php by injecting crafted SQL payloads to potentially extract or modify database information.

CWE	CWE-89
Vendor	purei
Product	purei cms
Published	Dec 11, 2025
Last Updated	Apr 7, 2026

Stay Ahead of the Next One

Get instant alerts for purei purei cms

Be the first to know when new unknown vulnerabilities affecting purei purei cms are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

purei / Purei CMS

1.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/51929 purei.com: https://purei.com vulncheck.com: https://www.vulncheck.com/advisories/purei-cms-sql-injection-via-multiple-vulnerable-endpoints

Credits

Number 7