CVE-2020-37077

medium

Description

Booked Scheduler 2.7.7 contains a directory traversal vulnerability in the manage_email_templates.php script that allows authenticated administrators to access unauthorized files. Attackers can exploit the vulnerable 'tn' parameter to read files outside the intended directory by manipulating directory path traversal techniques.

References

https://www.vulncheck.com/advisories/booked-scheduler-authenticated-directory-traversal

https://www.exploit-db.com/exploits/48428

https://www.bookedscheduler.com

https://web.archive.org/web/20190612055926/https://sourceforge.net/projects/phpscheduleit/

Details

Source: Mitre, NVD

Published: 2026-02-03

Updated: 2026-04-15

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: Medium

CVSS v4

Base Score: 6.9

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Severity: Medium

EPSS

EPSS: 0.001