CVE-2020-10220

An issue was discovered in rConfig through 3.9.4. The web interface is prone to a SQL injection via the commands.inc.php searchColumn parameter.

Date published : 2020-03-07

http://packetstormsecurity.com/files/156688/rConfig-3.9-SQL-Injection.html

http://packetstormsecurity.com/files/156766/Rconfig-3.x-Chained-Remote-Code-Execution.html