CVE-2021-29004
CVE-2021-29004 affects rConfig 3.9.6 with a SQL Injection vulnerability. The vulnerability requires authentication to exploit; if the MySQL server is the same as rConfig and --secure-file-priv is not set, an attacker could upload a webshell and access it remotely. Public references indicate sever...