Cyber Resilience

CVE-2020-36999

HighPublic PoC

Published: 29 January 2026

Published
29 January 2026
Modified
15 April 2026
KEV Added
Patch
CVSS Score v4 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0030 21.9th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2020-36999 is a high-severity SQL Injection (CWE-89) vulnerability in Elaniin CMS (inferred from references). Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 21.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 IA-2 (Identification and Authentication (Organizational Users)) and SI-10 (Information Input Validation).

Deeper analysis

Elaniin CMS version 1.0 is affected by CVE-2020-36999, an authentication bypass vulnerability rooted in SQL injection within the login.php component. The flaw allows attackers to manipulate the email and password parameters on the login page using a crafted payload such as '=''or', enabling them to circumvent authentication checks and gain direct access to the administrative dashboard.

Remote, unauthenticated attackers can exploit this vulnerability over the network with low complexity, as indicated by its CVSS v3.1 base score of 8.2 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N) and association with CWE-89 (SQL Injection). Successful exploitation provides high confidentiality impact through unauthorized dashboard access, with limited integrity impact and no availability disruption, potentially exposing sensitive administrative functions.

Mitigation guidance is available in vendor and third-party advisories, including the VulnCheck advisory at https://www.vulncheck.com/advisories/elaniin-cms-authentication-bypass, the Elaniin website at https://elaniin.com/, and the GitHub repository at https://github.com/elaniin/CMS. A proof-of-concept exploit is publicly documented at https://www.exploit-db.com/exploits/48705.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

Elaniin CMS 1.0 contains an authentication bypass vulnerability that allows attackers to access the dashboard by manipulating the login page with SQL injection. Attackers can bypass authentication by sending crafted email and password parameters with '=''or' payload to login.php, granting…

more

unauthorized access to the system.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

SQL injection in public-facing login.php enables remote authentication bypass for unauthorized admin dashboard access, directly facilitating T1190: Exploit Public-Facing Application.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-24956Shared CWE-89
CVE-2026-33615Shared CWE-89
CVE-2025-28939Shared CWE-89
CVE-2021-47872Shared CWE-89
CVE-2025-28873Shared CWE-89
CVE-2019-25636Shared CWE-89
CVE-2026-32611Shared CWE-89
CVE-2026-42755Shared CWE-89
CVE-2024-53544Shared CWE-89
CVE-2026-21410Shared CWE-89

Affected Assets

Elaniin
CMS
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly prevents SQL injection in login.php by validating email and password inputs against malicious payloads like '=''or'.

prevent

Requires timely remediation of the SQL injection flaw in Elaniin CMS 1.0 login.php to eliminate the authentication bypass vulnerability.

prevent

Mandates robust identification and authentication for users, preventing bypass via SQL injection in the login mechanism.

References