CVE-2020-37053 – Navigate CMS 2.8.7 – ”sidx’ SQL Injection

CVE ID : CVE-2020-37053

Published : Jan. 30, 2026, 11:16 p.m. | 1 hour, 56 minutes ago

Description : Navigate CMS 2.8.7 contains an authenticated SQL injection vulnerability that allows attackers to leak database information by manipulating the ‘sidx’ parameter in comments. Attackers can exploit the vulnerability to extract user activation keys by using time-based blind SQL injection techniques, potentially enabling password reset for administrative accounts.

Severity: 7.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2025-15525 – Ajax Load More – Infinite Scroll, Lazy Load & Load More

CVE-2026-1431 – Booking Calendar

CVE-2025-15510 – NEX-Forms – Ultimate Forms Plugin for WordPress

CVE-2026-25156 – HotCRP vulnerable to stored XSS via comment attachments