Vulnerabilities > Rconfig
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-07-28 | CVE-2020-15715 | Unspecified vulnerability in Rconfig 3.9.5 rConfig 3.9.5 could allow a remote authenticated attacker to execute arbitrary code on the system, because of an error in the search.crud.php script. | 6.5 |
2020-07-28 | CVE-2020-15714 | SQL Injection vulnerability in Rconfig 3.9.5 rConfig 3.9.5 is vulnerable to SQL injection. | 6.5 |
2020-07-28 | CVE-2020-15713 | SQL Injection vulnerability in Rconfig 3.9.5 rConfig 3.9.5 is vulnerable to SQL injection. | 6.5 |
2020-07-28 | CVE-2020-15712 | Path Traversal vulnerability in Rconfig 3.9.5 rConfig 3.9.5 could allow a remote authenticated attacker to traverse directories on the system. | 4.0 |
2020-06-04 | CVE-2020-10549 | SQL Injection vulnerability in Rconfig rConfig 3.9.4 and previous versions has unauthenticated snippets.inc.php SQL injection. | 7.5 |
2020-06-04 | CVE-2020-10548 | SQL Injection vulnerability in Rconfig rConfig 3.9.4 and previous versions has unauthenticated devices.inc.php SQL injection. | 7.5 |
2020-06-04 | CVE-2020-10547 | SQL Injection vulnerability in Rconfig rConfig 3.9.4 and previous versions has unauthenticated compliancepolicyelements.inc.php SQL injection. | 7.5 |
2020-06-04 | CVE-2020-10546 | SQL Injection vulnerability in Rconfig rConfig 3.9.4 and previous versions has unauthenticated compliancepolicies.inc.php SQL injection. | 7.5 |
2020-05-18 | CVE-2020-12256 | Cross-site Scripting vulnerability in Rconfig 3.9.4 rConfig 3.9.4 is vulnerable to reflected XSS. | 3.5 |
2020-05-18 | CVE-2020-12255 | Unrestricted Upload of File with Dangerous Type vulnerability in Rconfig 3.9.4 rConfig 3.9.4 is vulnerable to remote code execution due to improper validation in the file upload functionality. | 6.5 |