CVE-2020-37089 POC (Proof-of-Concept)

School ERP Pro 1.0 contains a SQL injection vulnerability in the 'es_messagesid' parameter that allows attackers to manipulate database queries through GET requests. Attackers can exploit the vulnerable parameter by injecting crafted SQL statements to potentially extract, modify, or delete database information.

Published: 2026-02-03

CVSS: 9.8

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Download CVE-2020-37089 POC (Proof-of-Concept) here:

http://zeroday5ujpidshxn6zbfitgjltnm6ynx5pvtpmptj3lsq46b6vvrpqd.onion/exploit-for-cve-2020-37089.775/

Tip: Download official Tor Browser at https://www.torproject.org/download/ to access .onion links.

Check our portfolio:

http://zeroday5ujpidshxn6zbfitgjltnm6ynx5pvtpmptj3lsq46b6vvrpqd.onion/members/ccsfteam.254/

https://dnacompany.com/poc-706-cve-2026-27767/

https://dnacompany.com/poc-675-cve-2026-27575/

https://dnacompany.com/poc-687-cve-2026-27941/

https://dnacompany.com/poc-393-cve-2025-9953/

Social media

Our Services

Contact us

Earthcrate