CVE CVE-2020-23150 | rConfig 3.9.5 SQL Injection

CVE - CVE-2020-23150 | rConfig 3.9.5 SQL Injection - TheJavaSea Forum, Gaming Laptops & PCs Reviews, Linux Tutorials, Network Hacks, Hacking, Leaks, Proxies, Domains & Webhosting, Coding Tutorials, SEO Tips & Hacks, Security TIPS and much more.
Common Vulnerabilities and Exposures
Marks-Man

Marks-Man

Administrator
Joined: Mar 15, 2021
Messages: 1,050
Resources: 405
Points: 113
Reaction score: 1,328
CVE-2020-23150 A SQL injection vulnerability in php of rConfig 3.9.5 allows attackers to access sensitive database information via a crafted GET request to install/lib/ajaxHandlers/ajaxDbInstall.php.


Proposed (Legacy)
Comments (Legacy)
Votes (Legacy)
Phase (Legacy)
Date Record Created
Assigning CNA
References
Description
CVE-ID

CVE-2020-23150​

Learn more at National Vulnerability Database (NVD)
• CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
A SQL injection vulnerability in config.inc.php of rConfig 3.9.5 allows attackers to access sensitive database information via a crafted GET request to install/lib/ajaxHandlers/ajaxDbInstall.php.
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MITRE Corporation
20200813Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Assigned (20200813)
N/A
 
You must log in or register to reply here.
  • Tags
    cve cve-2020-23150 rconfig 3.9.5
    • Top