High severity8.2NVD Advisory· Published Feb 7, 2026· Updated Apr 15, 2026
CVE-2020-37163
CVE-2020-37163
Description
QuickDate 1.3.2 contains a SQL injection vulnerability that allows remote attackers to manipulate database queries through the '_located' parameter in the find_matches endpoint. Attackers can inject UNION-based SQL statements to extract database information including user credentials, database name, and system version.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.