PIA S5 Proxy

CVE CVE-2020-23150 | rConfig 3.9.5 SQL Injection

Common Vulnerabilities and Exposures

Marks-Man

Administrator
Joined: Mar 15, 2021
Messages: 1,023
Resources: 403
Points: 113
Reaction score: 1,094
CVE-2020-23150 A SQL injection vulnerability in php of rConfig 3.9.5 allows attackers to access sensitive database information via a crafted GET request to install/lib/ajaxHandlers/ajaxDbInstall.php.


Proposed (Legacy)
Comments (Legacy)
Votes (Legacy)
Phase (Legacy)
Date Record Created
Assigning CNA
References
Description
CVE-ID

CVE-2020-23150​

Learn more at National Vulnerability Database (NVD)
• CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
A SQL injection vulnerability in config.inc.php of rConfig 3.9.5 allows attackers to access sensitive database information via a crafted GET request to install/lib/ajaxHandlers/ajaxDbInstall.php.
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MITRE Corporation
20200813Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Assigned (20200813)
N/A
 
  • Tags
    cve cve-2020-23150 rconfig 3.9.5
  • Top