CVE-2020-27464
CVE-2020-27464 affects rConfig versions up to 3.9.6, where an insecure update feature in the /updater.php component allows an attacker to execute arbitrary code through a specially crafted ZIP file. Documents consistently describe the vulnerability as an update mechanism issue leading to code exe...