CVE-2019-8923

XAMPP through 5.6.8 and previous allows SQL injection via the cds-fpdf.php jahr parameter. NOTE: This product is discontinued.
Source: NIST
CVE-2019-8923