CVE-2020-37077

MEDIUM

Booked Scheduler 2.7.7 - Path Traversal

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-37077. PoCs published by Besim.

AI-analyzed exploit summary This exploit demonstrates an authenticated directory traversal vulnerability in Booked Scheduler 2.7.7 via the 'tn' parameter in 'manage_email_templates.php'. The PoC shows a GET request that can be manipulated to traverse directories.

Description

Booked Scheduler 2.7.7 contains a directory traversal vulnerability in the manage_email_templates.php script that allows authenticated administrators to access unauthorized files. Attackers can exploit the vulnerable 'tn' parameter to read files outside the intended directory by manipulating directory path traversal techniques.

Exploits (1)

exploitdb WORKING POC
by Besim · textwebappsphp
https://www.exploit-db.com/exploits/48428

This exploit demonstrates an authenticated directory traversal vulnerability in Booked Scheduler 2.7.7 via the 'tn' parameter in 'manage_email_templates.php'. The PoC shows a GET request that can be manipulated to traverse directories.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Booked Scheduler v2.7.7
Auth required
Prerequisites: Authenticated session · Access to the vulnerable endpoint
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Scores

CVSS v3 6.5
EPSS 0.0060
EPSS Percentile 44.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-22
Status published
Products (1)
Twinkle Toes Software/Booked Scheduler 2.7.7
Published Feb 03, 2026
Tracked Since Feb 18, 2026