CVE-2020-37088 PUBLISHED

School ERP Pro 1.0 - Arbitrary File Read

Assigner: VulnCheck
Reserved: 01.02.2026 Published: 03.02.2026 Updated: 04.02.2026

School ERP Pro 1.0 contains a file disclosure vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the 'document' parameter in download.php. Attackers can access sensitive configuration files by supplying directory traversal paths to retrieve system credentials and configuration information.

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
CVSS Score: 8.7

Product Status

Vendor Arox
Product School ERP Pro
Versions
  • Version 1.0 is affected

Credits

  • Besim ALTINOK finder

References

Problem Types

  • Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE