CVE-2020-37089 | Arox School ERP Pro 1.0 es_messagesid sql injection (Exploit 48390 / EDB-48390)
A vulnerability categorized as critical has been discovered in Arox School ERP Pro 1.0. Affected by this vulnerability is an unknown functionality. Executing a manipulation of the argument es_messagesid can lead to sql injection.
This vulnerability is tracked as CVE-2020-37089. The attack can be launched remotely. Moreover, an exploit is present.