CVE-2020-36951

Publication date

2026-01-27 15:23:51

Family

VulnCheck

State

PUBLISHED

Description

Phpscript-sgh 0.1.0 contains a time-based blind SQL injection vulnerability in the admin interface that allows attackers to manipulate database queries through the id parameter. Attackers can exploit this vulnerability by crafting malicious payloads that trigger time delays, enabling them to extract sensitive database information through conditional sleep techniques.