High severity7.5NVD Advisory· Published Jan 29, 2026· Updated Apr 15, 2026
CVE-2020-37008
CVE-2020-37008
Description
EasyPMS 1.0.0 contains an authentication bypass vulnerability that allows unprivileged users to manipulate SQL queries in JSON requests to access admin user information. Attackers can exploit weak input validation by injecting single quotes in ID parameters and modify admin user passwords without proper token authentication.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.