CVE-2020-37163 – QuickDate 1.3.2 – SQL Injection

CVE ID : CVE-2020-37163

Published : Feb. 7, 2026, 12:15 a.m. | 1 hour, 3 minutes ago

Description : QuickDate 1.3.2 contains a SQL injection vulnerability that allows remote attackers to manipulate database queries through the ‘_located’ parameter in the find_matches endpoint. Attackers can inject UNION-based SQL statements to extract database information including user credentials, database name, and system version.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…