PT-2026-5476 · Unknown · E-Learning Php Script

Inc

Publicado

2026-01-30

Atualizado

2026-02-03

CVE-2020-37035

CVSS v3.1

8.2

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Name of the Vulnerable Software and Affected Versions e-Learning PHP Script version 0.1.0

Description The software contains a SQL injection issue in the search functionality. Attackers can manipulate database queries through unvalidated user input. Specifically, malicious SQL code can be injected through the search parameter to potentially extract, modify, or access sensitive database information.

Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, sanitize the search parameter to prevent SQL injection attacks.

Exploit

Correção

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89

Identificadores relacionados

CVE-2020-37035

Produtos afetados

E-Learning Php Script

PT-2026-5476 · Unknown · E-Learning Php Script

CVE-2020-37035

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6