← Back to CVE List
CVE-2020-23149
Published:
2021-08-09T23:15Z
Last Modified:
2024-11-21T05:13Z
Source:
MITRE CVE List
License:
MITRE-CVE-TOS
The dbName parameter in ajaxDbInstall.php of rConfig 3.9.5 is unsanitized, allowing attackers to perform a SQL injection and access sensitive database information. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt