2 matches found
CVE-2019-19372
creationtimestamp| type| source ---|---|--- 2024-03-05 12:13:02+00:00| seen| https://t.me/ctinow/200147...
CVE-2019-19372
CVE-2019-19372 affects rConfig up to version 3.9.3, where a path traversal flaw in downloadFile.php allows listing files in arbitrary folders and potentially downloading files. Root cause is unsafe handling of file paths in download_file, enabling access outside restricted directories. Public sou...