CVE-2020-37156

Medium CVSS: 6.9

BloodX 1.0 contains an authentication bypass vulnerability in login.php that allows attackers to access the dashboard without valid credentials. Attackers can exploit the vulnerability by sending a crafted payload with '=''or' parameters to bypass login authentication and gain unauthorized access.

Vendor

Product

CWE

CWE-288

Yayın Tarihi

2026-02-11 21:16:08

Güncelleme

2026-02-12 15:10:37

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-288 MEDIUM 2026

Referanslar

https://github.com/diveshlunker/BloodX https://www.exploit-db.com/exploits/47842 https://www.vulncheck.com/advisories/bloodx-authentication-bypass