The dbName parameter in ajaxDbInstall.php of rConfig 3.9.5 is unsanitized, allowing malicious users to perform a SQL injection and access sensitive database information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
rconfig rconfig 3.9.5 |