CVE-2020-37084

HIGH

School ERP Pro 1.0 - RCE

Title source: llm

Description

School ERP Pro 1.0 contains a remote code execution vulnerability that allows authenticated admin users to upload arbitrary PHP files as profile photos by bypassing file extension checks. Attackers can exploit improper file validation in pre-editstudent.inc.php to execute arbitrary code on the server.

Exploits (1)

exploitdb WORKING POC

by Besim · textwebappsphp

https://www.exploit-db.com/exploits/48392

View Code ZIP pw:eip

References (4)

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/48392

[Product] https://web.archive.org/web/20200129123503/http://arox.in/

[Product] https://web.archive.org/web/20190612111732/https://sourceforge.net/projects/school-erp-ultimate/

[Third Party Advisory] https://www.vulncheck.com/advisories/school-erp-pro-admin-profile-photo-upload-remote-code-execution-vulnerability

Scores

CVSS v3 7.2

EPSS 0.0046

EPSS Percentile 64.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-434

Status published

Products (1)

arox/school_erp_pro 1.0

Published Feb 03, 2026

Tracked Since Feb 18, 2026