Platform: php
Component: school-erp-pro
Fixed in: 1.0.1
CVE-2020-37088 describes an arbitrary file access vulnerability discovered in School ERP Pro (affected range: versions 1.0 through 1.0). The flaw allows unauthenticated attackers to read sensitive files on the server by manipulating the 'document' parameter of the download.php script. Successful exploitation could expose system credentials and configuration information, potentially granting attackers unauthorized access and control.
The primary impact of CVE-2020-37088 is the potential for unauthorized access to sensitive files. An attacker can leverage the vulnerability to read configuration files, which often contain database credentials, API keys, and other sensitive information. This could allow them to gain access to the School ERP Pro database, modify data, or even compromise the entire system. The lack of authentication required for exploitation significantly broadens the attack surface, making it accessible to a wide range of attackers. The ability to read arbitrary files also opens the door to information disclosure, potentially exposing student data or other confidential information managed by the ERP system.
CVE-2020-37088 was publicly disclosed on 2026-02-03. There is no indication of active exploitation or inclusion in the CISA KEV catalog at this time. Public proof-of-concept (POC) code may be available, increasing the risk of exploitation. The vulnerability's simplicity and lack of authentication requirements make it a potentially attractive target for opportunistic attackers.
Organizations utilizing School ERP Pro version 1.0, particularly those hosting the application on shared hosting environments or with misconfigured file permissions, are at significant risk. Schools and educational institutions relying on School ERP Pro to manage student data and administrative functions are especially vulnerable.
• php / web:
curl -I 'http://your-schoolerp-pro-server/download.php?document=../../../../etc/passwd'
• generic web:
grep -r 'document=../' /var/log/apache2/access.log
Disclosure
Exploit status
EPSS: 2.09% (84th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2020-37088 is to upgrade to a patched version of School ERP Pro as soon as it becomes available. Since a fixed version is not specified in the provided data, immediate action is required. As a temporary workaround, implement strict input validation on the 'document' parameter in download.php, ensuring it only accepts expected file extensions and preventing directory traversal sequences (e.g., '..'). Consider implementing a Web Application Firewall (WAF) rule to block requests containing suspicious characters in the 'document' parameter. Regularly review and audit file permissions on the server to minimize the impact of a potential breach.
Update to a patched version or apply the security measures provided by the vendor. Validate and sanitize input to the 'document' parameter in the download.php file to prevent directory traversal. Restrict access to sensitive files and configure system permissions correctly.
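The input validation the workaround above calls for, shown as an added example that is not part of this advisory or of School ERP Pro's own code; the DOC_ROOT location and the extension allow-list are assumptions:

```php
<?php
// Added example (not School ERP Pro's own code): a hardened replacement for the
// file-serving logic behind download.php. Assumes documents live under DOC_ROOT.
declare(strict_types=1);

const DOC_ROOT = '/var/www/schoolerp/uploads/documents'; // assumed location
const ALLOWED_EXT = ['pdf', 'doc', 'docx', 'xls', 'xlsx', 'png', 'jpg']; // assumed

/**
 * Resolve a user-supplied document name to a safe absolute path, or return
 * null if the request must be refused.
 */
function resolveDocument(string $requested): ?string
{
    // 1. Accept only a bare file name: no slashes, no leading dot, no NUL bytes,
    //    bounded length. '..' and '../' fail this allow-list regex outright.
    if (!preg_match('/\A[A-Za-z0-9][A-Za-z0-9._-]{0,200}\z/', $requested)) {
        return null;
    }
    // 2. Extension allow-list (case-insensitive).
    $ext = strtolower(pathinfo($requested, PATHINFO_EXTENSION));
    if (!in_array($ext, ALLOWED_EXT, true)) {
        return null;
    }
    // 3. Canonicalise and confirm the result is still inside DOC_ROOT.
    //    realpath() follows symlinks, so a symlink pointing outside is caught too.
    $root = realpath(DOC_ROOT);
    $path = realpath(DOC_ROOT . DIRECTORY_SEPARATOR . $requested);
    if ($root === false || $path === false || !is_file($path)) {
        return null;
    }
    if (strpos($path, $root . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $path;
}

// Request handling: the original flaw was serving $_GET['document'] unchecked.
// The application's own session/authentication check belongs before this point.
$path = resolveDocument((string)($_GET['document'] ?? ''));
if ($path === null) {
    http_response_code(404);
    exit('Not found');
}
header('Content-Type: application/octet-stream');
header('Content-Disposition: attachment; filename="' . basename($path) . '"');
header('Content-Length: ' . (string)filesize($path));
readfile($path);
```

Returning a generic 404 for every rejected name avoids telling a caller which check failed.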
CVE-2020-37088 is a vulnerability in School ERP Pro 1.0–1.0 that allows unauthenticated attackers to read arbitrary files by manipulating the 'document' parameter, potentially exposing sensitive data.
If you are running School ERP Pro version 1.0, you are potentially affected. Check your installation and upgrade as soon as a patch is available.
The recommended fix is to upgrade to a patched version of School ERP Pro. Until then, implement WAF rules to block directory traversal attempts.
There are currently no confirmed reports of active exploitation, but the vulnerability's simplicity makes it a potential target.
Refer to the School ERP Pro vendor website or security mailing lists for official advisories and patch releases.