CVE-2020-37105

Unknown Unknown - Not Provided

SQL Injection in PMB 5.6 Admin Download Allows Data Manipulation

Publication date: 2026-02-03

Last updated on: 2026-02-03

Assigner: VulnCheck

Description

PMB 5.6 contains a SQL injection vulnerability in the administration download script that allows authenticated attackers to execute arbitrary SQL commands through the 'logid' parameter. Attackers can leverage this vulnerability by sending crafted requests to the /admin/sauvegarde/download.php endpoint with manipulated logid values to interact with the database.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-02-03

Last Modified

2026-02-03

Generated

2026-06-16

AI Q&A

2026-02-03

EPSS Evaluated

2026-06-15

NVD

CVE-2020-37105

Affected Vendors & Products

Vendor	Product	Version / Range
unknown_vendor	pmb	to 5.6 (exc)

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-89	The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

CWE ID

Description

CWE-89

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

Attack-Flow Graph

Compliance Impact

The SQL injection vulnerability in PMB 5.6 allows authenticated attackers to execute arbitrary SQL commands, potentially compromising sensitive data stored in the database.

Such unauthorized access and potential data compromise can lead to violations of data protection regulations and standards like GDPR and HIPAA, which require safeguarding sensitive personal and health information against unauthorized access and breaches.

Therefore, exploitation of this vulnerability could negatively impact compliance by exposing confidential data and failing to maintain required security controls.

Executive Summary

[{'type': 'paragraph', 'content': "CVE-2020-37105 is a high-severity SQL injection vulnerability affecting PMB version 5.6 and earlier. It exists in the administration download script at the endpoint /admin/sauvegarde/download.php, specifically through the 'logid' parameter."}, {'type': 'paragraph', 'content': "Authenticated attackers can exploit this vulnerability by sending crafted requests with manipulated 'logid' values, allowing them to execute arbitrary SQL commands on the backend database."}, {'type': 'paragraph', 'content': 'This flaw requires the attacker to have valid administrative credentials but does not require user interaction and has a low attack complexity.'}] [1, 2]

Impact Analysis

This vulnerability allows authenticated attackers to execute arbitrary SQL commands on the backend database, potentially compromising sensitive data.

The impact includes high confidentiality loss, meaning attackers could access or leak sensitive information stored in the database.

The integrity impact is low, so attackers might have limited ability to alter data, and there is no impact on availability.

Detection Guidance

[{'type': 'paragraph', 'content': "This SQL injection vulnerability can be detected by sending crafted requests to the vulnerable endpoint and observing if arbitrary SQL commands can be executed through the 'logid' parameter."}, {'type': 'paragraph', 'content': 'A practical way to test this is by using SQL injection testing tools such as sqlmap.'}, {'type': 'list_item', 'content': 'Use sqlmap with a command like: ./sqlmap.py -u "http://localhost/[PMB_PATH]/admin/sauvegarde/download.php?logid=1" -p logid --headers="Cookie: [VALID_USER_COOKIE]" --passwords'}, {'type': 'paragraph', 'content': 'Note that exploitation requires valid administrative authentication, so the request must include valid session cookies or credentials.'}] [2]

Mitigation Strategies

[{'type': 'paragraph', 'content': "To mitigate the SQL injection vulnerability in PMB 5.6's administration download script, immediate steps include restricting access to the /admin/sauvegarde/download.php endpoint to only trusted and authenticated administrators."}, {'type': 'paragraph', 'content': 'Ensure that only users with valid administrative credentials can access this functionality, as exploitation requires authentication.'}, {'type': 'paragraph', 'content': "Additionally, monitor and audit logs for any suspicious activity involving the 'logid' parameter."}, {'type': 'paragraph', 'content': 'If possible, apply any available patches or updates from the vendor that address this vulnerability.'}, {'type': 'paragraph', 'content': "As a temporary workaround, consider implementing input validation or filtering on the 'logid' parameter to prevent malicious SQL commands."}] [1, 2]

Hi! I’m here to help you understand CVE-2020-37105. Ask me anything about the vulnerability, its impact, or mitigation strategies.

0/70

CVE-2020-37105

SQL Injection in PMB 5.6 Admin Download Allows Data Manipulation

Description

CVSS Scores

EPSS Scores

Meta Information

Affected Vendors & Products

Helpful Resources

Exploitability

Attack-Flow Graph

AI Quick Actions

Chat Assistant

EPSS Chart