exploit the possibilities

Register | Login

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 3 of 3

CVE-2020-10220

Status Candidate

Overview

An issue was discovered in rConfig through 3.9.4. The web interface is prone to a SQL injection via the commands.inc.php searchColumn parameter.

Related Files

rConfig 3.9.4 searchField Remote Code Execution: Posted Mar 28, 2020; Authored by vikingfr; rConfig version 3.9.4 searchField unauthenticated remote root code execution exploit.; tags | exploit, remote, root, code execution; advisories | CVE-2019-19509, CVE-2019-19585, CVE-2020-10220; SHA-256 | 286d169b9325c701681f3ca01b90d56974a51fe70471f6d1ba94a2d175b1f7a8; Download | Favorite | View

Rconfig 3.x Chained Remote Code Execution: Posted Mar 16, 2020; Authored by Orange Cyberdefense, Jean-Pascal Thomas | Site metasploit.com; This Metasploit module takes advantage of a command injection vulnerability in the path parameter of the ajax archive file functionality within the rConfig web interface in order to execute the payload. Valid credentials for a user with administrative privileges are required . However, this module can bypass authentication via SQL injection.; tags | exploit, web, sql injection; advisories | CVE-2019-19509, CVE-2020-10220; SHA-256 | 0b63805ab8f2162cb70c5931c392c85432cadbdd98208528d5861e068261cd6c; Download | Favorite | View

rConfig 3.9 SQL Injection: Posted Mar 11, 2020; Authored by vikingfr; rConfig version 3.9 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; advisories | CVE-2020-10220; SHA-256 | a8428e6dd617bc7a6966d1ff349fff0c9d819ba218d51a40871dcbe6a40f4dac; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 133 files
Ubuntu 103 files
Debian 20 files
Google Security Research 11 files
LiquidWorm 10 files
Abdulhakim Oner 8 files
Muhammad Navaid Zafar Ansari 7 files
Ivan Fratric 5 files
fearzzzz 5 files
nu11secur1ty 5 files

File Tags

File Archives

Systems

AIX (426)
Apple (1,951)
BSD (370)
CentOS (56)
Cisco (1,919)
Debian (6,712)
Fedora (1,691)
FreeBSD (1,242)
Gentoo (4,288)
HPUX (878)
iOS (338)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (45,108)
Mac OS X (684)
Mandriva (3,105)
NetBSD (256)
OpenBSD (482)
RedHat (12,912)
Slackware (941)
Solaris (1,609)
SUSE (1,444)
Ubuntu (8,439)
UNIX (9,207)
UnixWare (185)
Windows (6,531)
Other

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Services: Security Services
Hosting By: Rokasec