Vulnerability Description
Fishing Reservation System 7.5 contains multiple remote SQL injection vulnerabilities in admin.php, cart.php, and calendar.php that allow attackers to inject malicious SQL commands. Attackers can exploit vulnerable parameters like uid, pid, type, m, y, and code to compromise the database management system and web application without user interaction.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://fishingreservationsystem.com/index.html
- https://www.exploit-db.com/exploits/48417
- https://www.vulncheck.com/advisories/fishing-reservation-system-uid-sql-injectio
- https://www.vulnerability-lab.com/get_content.php?id=2243
FAQ
What is CVE-2020-37081?
CVE-2020-37081 is a vulnerability with a CVSS score of 7.1 (HIGH). Fishing Reservation System 7.5 contains multiple remote SQL injection vulnerabilities in admin.php, cart.php, and calendar.php that allow attackers to inject malicious SQL commands. Attackers can expl...
How severe is CVE-2020-37081?
CVE-2020-37081 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-37081?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.