CVE-2020-37053

Name of the Vulnerable Software and Affected Versions Navigate CMS version 2.8.7

Description Navigate CMS 2.8.7 contains an authenticated SQL injection issue that allows attackers to obtain database information by manipulating the sidx parameter within comments. Attackers can exploit this to extract user activation keys using time-based blind SQL injection techniques, potentially allowing for password resets of administrative accounts.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.