4 matches found
CVE-2022-45030
Summary: CVE-2022-45030 is a SQL injection in rConfig 3.9.7 via the endpoint lib/ajaxHandlers/ajaxCompareGetCmdDates.php?command= (may interact with secure-file-priv). Multiple sources (NVD, Red Hat, CVE List, CN) classify the impact as high (CVSS v3.1: 8.8, HIGH) with network access, low user in...
rconfig 3.9.7 - Sql Injection (Authenticated) Exploit
Exploit Title: rconfig 3.9.7 - Sql Injection Authenticated Exploit Author: azhen Vendor Homepage: https://www.rconfig.com/ Software Link: https://www.rconfig.com/ Vendor: rConfig Version: " sys.exit1 host=sys.argv1 Enter the hostname def getdatahost: print"+ Get db data..." vulurl =...
rconfig 3.9.7 SQL Injection
Exploit Title: rconfig 3.9.7 - Sql Injection Authenticated Exploit Author: azhen Date: 10/12/2022 Vendor Homepage: https://www.rconfig.com/ Software Link: https://www.rconfig.com/ Vendor: rConfig Version: " sys.exit1 host=sys.argv1 Enter the hostname def getdatahost: print"+ Get db data..." vulur...
rconfig 3.9.7 - Sql Injection (Authenticated)
Exploit Title: rconfig 3.9.7 - Sql Injection Authenticated Exploit Author: azhen Date: 10/12/2022 Vendor Homepage: https://www.rconfig.com/ Software Link: https://www.rconfig.com/ Vendor: rConfig Version: " sys.exit1 host=sys.argv1 Enter the hostname def getdatahost: print"+ Get db data..." vulur...