3 matches found
CVE-2020-23148
The userLogin parameter in ldap/login.php of rConfig 3.9.5 is unsanitized, allowing attackers to perform a LDAP injection and obtain sensitive information via a crafted POST request...
rConfig <= 3.9.6 Multiple Vulnerabilities
rConfig is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2020-23148
CVE-2020-23148 affects rConfig 3.9.5 via a vulnerability in the LDAP login path. The issue is the unsanitized userLogin parameter in ldap/login.php , which can lead to a LDAP injection and potential exposure of sensitive information through a crafted POST request. Public references consistently d...