{"uuid": "9cad28a0-a3b9-4b23-8fa9-54a0906b6f40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-23149", "type": "seen", "source": "https://t.me/cibsecurity/27039", "content": "\u203c CVE-2020-23149 \u203c\n\nThe dbName parameter in ajaxDbInstall.php of rConfig 3.9.5 is unsanitized, allowing attackers to perform a SQL injection and access sensitive database information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-10T02:50:54.000000Z"}