Security Advisory

CVE-2020-37006

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-29 14:28:29

Last updated 2026-01-29 15:25:36

Assigner VulnCheck

State PUBLISHED

Description

berliCRM 1.0.24 contains a SQL injection vulnerability in the src_record parameter that allows remote attackers to manipulate database queries. Attackers can inject malicious SQL code through a crafted POST request to the index.php endpoint to potentially extract or modify database information.

← Browse all CVEs View on cve.org ↗