VYPR
High severity7.5NVD Advisory· Published Aug 9, 2021· Updated Jun 17, 2026

CVE-2020-23150

CVE-2020-23150

Description

A SQL injection vulnerability in config.inc.php of rConfig 3.9.5 allows attackers to access sensitive database information via a crafted GET request to install/lib/ajaxHandlers/ajaxDbInstall.php.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.