CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-37116

GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows remote logins. Attackers with access to the platform can remotely access phpMyAdmin and, after uploading a shell, view the config.php file to obtain the MySQL password, leading to full database compromise.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 13.5%

CVSS Severity

CVSS v3 Score 8.8

References

https://download.openeclass.org/files/docs/1.7/CHANGES.txt
https://www.exploit-db.com/exploits/48163
https://www.openeclass.org/
https://www.vulncheck.com/advisories/gunet-openeclass-e-learning-platform-phpmyadmin-remote-access

Products affected by CVE-2020-37116

Gunet » Open Eclass Platform » Version: 1.7.3

cpe:2.3:a:gunet:open_eclass_platform:1.7.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-37116

Products

Pricing

Contact Us