3 matches found
rConfig 3.9.4 - SQL Injection
rConfig 3.9.4 and previous versions have unauthenticated devices.inc.php SQL injection. Because nodes' passwords are stored in cleartext by default, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices. id: CVE-2020-10548 info: name: rConfig 3.9.4...
rConfig 3.9.4 - SQL Injection
rConfig 3.9.4 and previous versions have unauthenticated compliancepolicies.inc.php SQL injection. Because nodes' passwords are stored in cleartext by default, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices. id: CVE-2020-10546 info: name:...
WP Forum Server 1.6.5 SQL Injection
Vulnerability ID: HTB22850 Reference: http://www.htbridge.ch/advisory/sqlinjectioninwpforumserverwordpressplugin.html Product: WP Forum Server wordpress plugin Vendor: VastHTML http://lucidcrew.com/ Vulnerable Version: 1.6.5 Vendor Notification: 10 February 2011 Vulnerability Type: SQL Injection...