rconfig v3.9.4 exists to contain a Server-Side Request Forgery (SSRF) via the path parameter at /ajaxGetFileByPath.php. This vulnerability allows authenticated malicious users to make arbitrary requests via injection of crafted URLs.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
rconfig rconfig 3.9.4 |