Lucene search
K

482 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-7699

Malware in sbrugna...

8.8CVSS8.6AI score0.02791EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-4572

Malware in sbrugna...

9.1CVSS9AI score0.01708EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-15651

Malware in sbrugna...

9CVSS8.7AI score0.01827EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-7701

Malware in sbrugna...

9.9CVSS8.9AI score0.04202EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-28422

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00713EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-47955

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.02685EPSS
Exploits4References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-29280

Malicious code in bioql PyPI...

9CVSS8.8AI score0.01342EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-47327

Malicious code in bioql PyPI...

8.8CVSS8.5AI score0.05009EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:42 a.m.6 views

CVE-2023-39108

rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery SSRF via the pathb parameter in the doDiff Function of /classes/compareClass.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs...

8.8CVSS7.5AI score0.02965EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:10 a.m.10 views

CVE-2023-39109

rconfig v3.9.4 was discovered to contain a Server-Side Request Forgery SSRF via the patha parameter in the doDiff Function of /classes/compareClass.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs...

8.8CVSS7.2AI score0.02965EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 3:21 a.m.8 views

CVE-2023-24366

An arbitrary file download vulnerability in rConfig v6.8.0 allows attackers to download sensitive files via a crafted HTTP request...

6.5CVSS6.8AI score0.00713EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:6 a.m.10 views

CVE-2022-44384

An arbitrary file upload vulnerability in rconfig v3.9.6 allows attackers to execute arbitrary code via a crafted PHP file...

8.8CVSS7.8AI score0.05009EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:46 p.m.5 views

CVE-2022-45030

A SQL injection vulnerability in rConfig 3.9.7 exists via lib/ajaxHandlers/ajaxCompareGetCmdDates.php?command= this may interact with secure-file-priv...

8.8CVSS7.9AI score0.02685EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:24 p.m.7 views

CVE-2021-29005

Insecure permission of chmod command on rConfig server 3.9.6 exists. After installing rConfig apache user may execute chmod as root without password which may let an attacker with low privilege to gain root access on server...

9CVSS7.6AI score0.01827EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:23 p.m.8 views

CVE-2021-29004

rConfig 3.9.6 is affected by SQL Injection. A user must be authenticated to exploit the vulnerability. If --secure-file-priv in MySQL server is not set and the Mysql server is the same as rConfig, an attacker may successfully upload a webshell to the server and access it remotely...

8.8CVSS7.2AI score0.02062EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:35 p.m.5 views

CVE-2021-29006

rConfig 3.9.6 is affected by a Local File Disclosure vulnerability. An authenticated user may successfully download any file on the server...

6.5CVSS6.7AI score0.06976EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:24 p.m.4 views

CVE-2020-15715

rConfig 3.9.5 could allow a remote authenticated attacker to execute arbitrary code on the system, because of an error in the search.crud.php script. An attacker could exploit this vulnerability using the nodeId parameter...

9.9CVSS7.6AI score0.04202EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:24 p.m.6 views

CVE-2020-15713

rConfig 3.9.5 is vulnerable to SQL injection. A remote authenticated attacker could send crafted SQL statements to the devices.php script using the sortBy parameter, which could allow the attacker to view, add, modify, or delete information in the back-end database...

8.8CVSS7.3AI score0.02791EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:24 p.m.7 views

CVE-2020-15712

rConfig 3.9.5 could allow a remote authenticated attacker to traverse directories on the system. An attacker could send a crafted request to the ajaxGetFileByPath.php script containing hexadecimal encoded "dot dot" sequences %2f..%2f in the path parameter to view arbitrary files on the system...

4.3CVSS6.7AI score0.01564EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:4 p.m.9 views

CVE-2020-23149

The dbName parameter in ajaxDbInstall.php of rConfig 3.9.5 is unsanitized, allowing attackers to perform a SQL injection and access sensitive database information...

7.5CVSS7.7AI score0.01353EPSS
Exploits1
Rows per page
Query Builder