8 matches found
CVE-2022-45030
A SQL injection vulnerability in rConfig 3.9.7 exists via lib/ajaxHandlers/ajaxCompareGetCmdDates.php?command= this may interact with secure-file-priv...
CVE-2022-45030
Summary: CVE-2022-45030 is a SQL injection in rConfig 3.9.7 via the endpoint lib/ajaxHandlers/ajaxCompareGetCmdDates.php?command= (may interact with secure-file-priv). Multiple sources (NVD, Red Hat, CVE List, CN) classify the impact as high (CVSS v3.1: 8.8, HIGH) with network access, low user in...
CVE-2022-45030
A SQL injection vulnerability in rConfig 3.9.7 exists via lib/ajaxHandlers/ajaxCompareGetCmdDates.php?command= this may interact with secure-file-priv...
CVE-2020-27466
An arbitrary file write vulnerability in lib/AjaxHandlers/ajaxEditTemplate.php of rConfig 3.9.6 allows attackers to execute arbitrary code via a crafted file...
Arbitrary file deletion
An arbitrary file write vulnerability in lib/AjaxHandlers/ajaxEditTemplate.php of rConfig 3.9.6 allows attackers to execute arbitrary code via a crafted file...
CVE-2020-27466
An arbitrary file write vulnerability in lib/AjaxHandlers/ajaxEditTemplate.php of rConfig 3.9.6 allows attackers to execute arbitrary code via a crafted file...
CVE-2020-27466
CVE-2020-27466 affects rConfig 3.9.6. The vulnerability is in lib/AjaxHandlers/ajaxEditTemplate.php and is described as an arbitrary file write that allows an attacker to execute arbitrary code via a crafted file. Publicly available connected documents corroborate this as the core issue; however,...
rConfig < 3.9.3 Multiple RCE Vulnerabilities - Version Check
rConfig is prone to multiple remote code execution RCE vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...