CVE-2020-37053 – Navigate CMS 2.8.7 – ”sidx’ SQL Injection

CVE ID : CVE-2020-37053

Published : Jan. 30, 2026, 11:16 p.m. | 1 hour, 56 minutes ago

Description : Navigate CMS 2.8.7 contains an authenticated SQL injection vulnerability that allows attackers to leak database information by manipulating the ‘sidx’ parameter in comments. Attackers can exploit the vulnerability to extract user activation keys by using time-based blind SQL injection techniques, potentially enabling password reset for administrative accounts.

Severity: 7.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…