CVE-2020-37173 in AVideoinfo

Zusammenfassung

von MITRE • 11.02.2026

AVideo Platform 8.1 contains an information disclosure vulnerability that allows attackers to enumerate user details through the playlistsFromUser.json.php endpoint. Attackers can retrieve sensitive user information including email, password hash, and administrative status by manipulating the users_id parameter.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

VulnCheck

Reservieren

10.02.2026

Veröffentlichung

11.02.2026

Moderieren

akzeptiert

Eintrag

VDB-345574

CPE

bereit

CWE

CWE-359 (bestätigt)

Exploit

Download

CVSS

7.5 (CNA)

EPSS

0.00140

KEV

nein

Aktivitäten

very low

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2020-37173
NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-37173
CVE Details	https://www.cvedetails.com/cve/CVE-2020-37173/

◂ Zurück Übersicht Weiter ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!