High severity8.2NVD Advisory· Published Feb 3, 2026· Updated Apr 15, 2026
CVE-2020-37083
CVE-2020-37083
Description
PHP AddressBook 9.0.0.1 contains a time-based blind SQL injection vulnerability that allows remote attackers to manipulate database queries through the 'id' parameter. Attackers can inject crafted SQL statements with time delays to extract information by observing response times in the photo.php endpoint.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: =9.0.0.1
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.