Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
metinfo metinfo 7.0.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-17553
An issue exists in MetInfo v7.0.0 beta. There is SQL Injection via the admin/?n=tags&c=index&a=doSaveTags URI.
Metinfo Metinfo 7.0.0
1 Github repository
6.5
CVSSv2
CVE-2019-16997
In Metinfo 7.0.0beta, a SQL Injection exists in app/system/language/admin/language_general.class.php via the admin/?n=language&c=language_general&a=doExportPack appno parameter.
Metinfo Metinfo 7.0.0
3.5
CVSSv2
CVE-2020-20600
MetInfo 7.0 beta contains a stored cross-site scripting (XSS) vulnerability in the $name parameter of admin/?n=column&c=index&a=doAddColumn.
Metinfo Metinfo 7.0.0
6.5
CVSSv2
CVE-2019-17419
An issue exists in MetInfo 7.0. There is SQL injection via the admin/?n=user&c=admin_user&a=doGetUserInfo id parameter.
Metinfo Metinfo 7.0.0
5
CVSSv2
CVE-2020-19304
An issue in /admin/index.php?n=system&c=filept&a=doGetFileList of Metinfo v7.0.0 allows malicious users to perform a directory traversal and access sensitive information.
Metinfo Metinfo 7.0.0
7.5
CVSSv2
CVE-2020-19305
An issue in /app/system/column/admin/index.class.php of Metinfo v7.0.0 causes the indeximg parameter to be deleted when the column is deleted, allowing malicious users to escalate privileges.
Metinfo Metinfo 7.0.0
7.5
CVSSv2
CVE-2020-21133
SQL Injection vulnerability in Metinfo 7.0.0 beta in member/getpassword.php?lang=cn&a=dovalid.
Metinfo Metinfo 7.0.0
5
CVSSv2
CVE-2020-20585
A blind SQL injection in /admin/?n=logs&c=index&a=dode of Metinfo 7.0 beta allows malicious users to access sensitive database information.
Metinfo Metinfo 7.0.0
7.5
CVSSv2
CVE-2020-20800
An issue exists in MetInfo v7.0.0 beta. There is SQL Injection via the install/index.php?action=adminsetup&cndata=yes&endata=yes&showdata=yes URI.
Metinfo Metinfo 7.0.0
6.4
CVSSv2
CVE-2020-20907
MetInfo 7.0 beta is affected by a file modification vulnerability. Attackers can delete and modify ini files in app/system/language/admin/language_general.class.php and app/system/include/function/file.func.php.
Metinfo Metinfo 7.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »