Unrated severityNVD Advisory· Published Feb 3, 2026· Updated Feb 6, 2026

GUnet OpenEclass 1.7.3 E-learning platform - Information Disclosure

CVE-2020-37114

Description

GUnet OpenEclass 1.7.3 allows unauthenticated and authenticated users to access sensitive information, including system information, application version, and other students' uploaded assessments, due to improper access controls and information disclosure flaws in various modules. Attackers can retrieve system info, version info, and view or download other users' files without proper authorization.

Affected products

Gunet/Openeclassllm-fuzzy
Range: =1.7.3
Openeclass/GUnet OpenEclassv5
Range: 1.7.3 (2007)

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/48163mitreexploit
www.vulncheck.com/advisories/gunet-openeclass-e-learning-platform-information-disclosuremitrethird-party-advisory
download.openeclass.org/files/docs/1.7/CHANGES.txtmitreproduct
www.openeclass.orgmitreproduct

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000