Critical severity9.8NVD Advisory· Published Mar 7, 2020· Updated Jun 17, 2026
CVE-2020-10220
CVE-2020-10220
Description
An issue was discovered in rConfig through 3.9.4. The web interface is prone to a SQL injection via the commands.inc.php searchColumn parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- rConfig/rConfigdescription
Patches
Vulnerability mechanics
References
5- github.com/v1k1ngfr/exploits-rconfig/blob/master/rconfig_sqli.pynvdExploitThird Party Advisory
- packetstormsecurity.com/files/156688/rConfig-3.9-SQL-Injection.htmlnvd
- packetstormsecurity.com/files/156766/Rconfig-3.x-Chained-Remote-Code-Execution.htmlnvd
- packetstormsecurity.com/files/156950/rConfig-3.9.4-searchField-Remote-Code-Execution.htmlnvd
- github.com/v1k1ngfr/exploits-rconfig/blob/master/rconfig_CVE-2020-10220.pynvd
News mentions
0No linked articles in our index yet.