Lucene search
HistoryApr 15, 2023 - 2:15 a.m.
CVE-2022-45030
cve-2022-45030
sql injection
rconfig 3.9.7
ajaxhandlers
ajaxcomparegetcmddates.php
secure-file-priv
nvd
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
41.3%
A SQL injection vulnerability in rConfig 3.9.7 exists via lib/ajaxHandlers/ajaxCompareGetCmdDates.php?command= (this may interact with secure-file-priv).
Affected configurations
Node
rconfigrconfigMatch3.9.7
| CPE | Name | Operator | Version |
|---|---|---|---|
| rconfig:rconfig | rconfig | eq | 3.9.7 |
Related
zdt
zdt
rconfig 3.9.7 - Sql Injection (Authenticated) Exploit
2023-03-31 00:00:00
nvd
nvd
CVE-2022-45030
2023-04-15 02:15:07
prion
prion
Sql injection
2023-04-15 02:15:00
cvelist
cvelist
CVE-2022-45030
2023-04-15 00:00:00
packetstorm
packetstorm
rconfig 3.9.7 SQL Injection
2023-03-31 00:00:00
exploitdb
exploitdb
rconfig 3.9.7 - Sql Injection (Authenticated)
2023-03-31 00:00:00
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
41.3%
Related for CVE-2022-45030