CVE-2020-37114 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

GUnet OpenEclass 1.7.3 allows unauthenticated and authenticated users to access sensitive information, including system information, application version, and ot…
Medium CVSS: 5.3

CVE-2020-37114

GUnet OpenEclass 1.7.3 allows unauthenticated and authenticated users to access sensitive information, including system information, application version, and other students' uploaded assessments, due to improper access controls and information disclosure flaws in various modules. Attackers can retrieve system info, version info, and view or download other users' files without proper authorization.
Vendor
Gunet
Product
Open Eclass Platform
CWE
CWE-200
Yayın Tarihi
2026-02-03 18:16:11
Güncelleme
2026-02-10 21:25:23
Source Identifier
disclosure@vulncheck.com
KEV Date Added
-

Kategoriler

CWE-200 Open Eclass Platform MEDIUM Gunet 2026

Referanslar

https://download.openeclass.org/files/docs/1.7/CHANGES.txt https://www.exploit-db.com/exploits/48163 https://www.openeclass.org/ https://www.vulncheck.com/advisories/gunet-openeclass-e-learning-platform-information-disclosure