CVE-2020-37035:
e-Learning PHP Script 0.1.0 contains a SQL injection vulnerability in the search functionality that allows attackers to manipulate database queries through unvalidated user input. Attackers can inject malicious SQL code in the 'search' parameter to potentially extract, modify, or access sensitive database information.
Score
A numerical rating that indicates how dangerous this vulnerability is.
8.2HighA numerical rating that indicates how dangerous this vulnerability is.
- Published Date:Jan 30, 2026
- CISA KEV Date:*No Data*
- Industries Affected:20
Threat Predictions
- EPSS Score:0.0
- EPSS Percentile:9%
Exploitability
- Score:3.9
- Attack Vector:NETWORK
- Attack Complexity:LOW
- Privileges Required:NONE
- User Interaction:NONE
- Scope:UNCHANGED
Impact
- Score:4.2
- Confidentiality Impact:HIGH
- Integrity Impact:LOW
- Availability Impact:NONE
Description Preview
e-Learning PHP Script 0.1.0 contains a SQL injection vulnerability in the search functionality that allows attackers to manipulate database queries through unvalidated user input. Attackers can inject malicious SQL code in the 'search' parameter to potentially extract, modify, or access sensitive database information.
Industries Affected
Below is a list of industries most commonly impacted or potentially at risk based on intelligence.
Low
