CVE-2020-37090

CRITICAL

School ERP Pro 1.0 - Unauthenticated Remote Code Execution via Message Attachment Upload

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-37090. PoCs published by Besim.

AI-analyzed exploit summary

The exploit demonstrates a file upload vulnerability in School ERP Pro 1.0, allowing remote code execution by uploading a malicious PHP file via the student message attachment feature. The vulnerable code fails to validate file extensions, enabling attackers to bypass restrictions and execute arbitrary PHP code.

Description

School ERP Pro 1.0 contains a file upload vulnerability that allows students to upload arbitrary PHP files to the messaging system. Attackers can upload malicious PHP scripts through the message attachment feature, enabling remote code execution on the server.

Exploits (1)

exploitdb · WORKING POC
by Besim · text · webapps · php
https://www.exploit-db.com/exploits/48392

Classification
Working PoC: 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: School ERP Pro 1.0
Auth required
Prerequisites: Student account credentials · Access to the message attachment feature
devstral-2 · analyzed Feb 18, 2026

Scores

CVSS v3: 9.8
EPSS: 0.0077
EPSS Percentile: 50.9%
Attack Vector: NETWORK
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: yes
Technical Impact: total

Details

CWE: CWE-434
Status: published
Products (1)
arox/school_erp_pro 1.0
Published: Feb 03, 2026
Tracked Since: Feb 18, 2026