Unrated severityNVD Advisory· Published Feb 3, 2026· Updated Feb 6, 2026
GUnet OpenEclass 1.7.3 E-learning platform - Information Disclosure
CVE-2020-37114
Description
GUnet OpenEclass 1.7.3 allows unauthenticated and authenticated users to access sensitive information, including system information, application version, and other students' uploaded assessments, due to improper access controls and information disclosure flaws in various modules. Attackers can retrieve system info, version info, and view or download other users' files without proper authorization.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2=1.7.3+ 1 more
- (no CPE)range: =1.7.3
- (no CPE)range: 1.7.3 (2007)
Patches
Vulnerability mechanics
References
4- www.exploit-db.com/exploits/48163mitreexploit
- www.vulncheck.com/advisories/gunet-openeclass-e-learning-platform-information-disclosuremitrethird-party-advisory
- download.openeclass.org/files/docs/1.7/CHANGES.txtmitreproduct
- www.openeclass.orgmitreproduct
News mentions
0No linked articles in our index yet.