Security Advisory

CVE-2020-37163

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-06 23:14:11
Last updated 2026-02-17 16:55:59
Assigner VulnCheck
State PUBLISHED

Description

QuickDate 1.3.2 contains a SQL injection vulnerability that allows remote attackers to manipulate database queries through the _located parameter in the find_matches endpoint. Attackers can inject UNION-based SQL statements to extract database information including user credentials, database name, and system version.