Cyber Posture

CVE-2020-36999

HighPublic PoC

Published: 29 January 2026

Published
29 January 2026
Modified
15 April 2026
KEV Added
Patch
CVSS Score 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
EPSS Score 0.0012 30.3th percentile
Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Description

Elaniin CMS 1.0 contains an authentication bypass vulnerability that allows attackers to access the dashboard by manipulating the login page with SQL injection. Attackers can bypass authentication by sending crafted email and password parameters with '=''or' payload to login.php, granting…

more

unauthorized access to the system.

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match
prevent

Directly prevents SQL injection in login.php by validating email and password inputs against malicious payloads like '=''or'.

SI-2 Flaw Remediation good match
prevent

Requires timely remediation of the SQL injection flaw in Elaniin CMS 1.0 login.php to eliminate the authentication bypass vulnerability.

IA-2 Identification and Authentication (Organizational Users) good match
prevent

Mandates robust identification and authentication for users, preventing bypass via SQL injection in the login mechanism.

Security SummaryAI

Elaniin CMS version 1.0 is affected by CVE-2020-36999, an authentication bypass vulnerability rooted in SQL injection within the login.php component. The flaw allows attackers to manipulate the email and password parameters on the login page using a crafted payload such as '=''or', enabling them to circumvent authentication checks and gain direct access to the administrative dashboard.

Remote, unauthenticated attackers can exploit this vulnerability over the network with low complexity, as indicated by its CVSS v3.1 base score of 8.2 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N) and association with CWE-89 (SQL Injection). Successful exploitation provides high confidentiality impact through unauthorized dashboard access, with limited integrity impact and no availability disruption, potentially exposing sensitive administrative functions.

Mitigation guidance is available in vendor and third-party advisories, including the VulnCheck advisory at https://www.vulncheck.com/advisories/elaniin-cms-authentication-bypass, the Elaniin website at https://elaniin.com/, and the GitHub repository at https://github.com/elaniin/CMS. A proof-of-concept exploit is publicly documented at https://www.exploit-db.com/exploits/48705.

Details

CWE(s)
CWE-89

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
Why these techniques?

SQL injection in public-facing login.php enables remote authentication bypass for unauthorized admin dashboard access, directly facilitating T1190: Exploit Public-Facing Application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References