Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jean-pascal thomas vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-10220
An issue exists in rConfig up to and including 3.9.4. The web interface is prone to a SQL injection via the commands.inc.php searchColumn parameter.
Rconfig Rconfig
2 EDB exploits
2 Github repositories
9
CVSSv2
CVE-2019-19509
An issue exists in rConfig 3.9.3. A remote authenticated user can directly execute system commands by sending a GET request to ajaxArchiveFiles.php because the path parameter is passed to the exec function without filtering, which can lead to command execution.
Rconfig Rconfig 3.9.3
1 EDB exploit
1 Github repository
4.6
CVSSv2
CVE-2019-19585
An issue exists in rConfig 3.9.3. The install script updates the /etc/sudoers file for rconfig specific tasks. After an "rConfig specific Apache configuration" update, apache has high privileges for some binaries. This can be exploited by an malicious user to bypass loc...
Rconfig Rconfig 3.9.3
1 Metasploit module
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started