CVE-2020-23149

The dbName parameter in ajaxDbInstall.php of rConfig 3.9.5 is unsanitized, allowing attackers to perform a SQL injection and access sensitive database information.
Configurations

Configuration 1

cpe:2.3:a:rconfig:rconfig:3.9.5:*:*:*:*:*:*:*

Information

Published : 2021-08-09 11:15

Updated : 2021-08-12 12:31


NVD link : CVE-2020-23149

Mitre link : CVE-2020-23149

Products Affected
No products.
CWE