Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
metinfo vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2019-13969
Metinfo 6.x allows SQL Injection via the id parameter in an admin/index.php?n=ui_set&m=admin&c=index&a=doget_text_content&table=lang&field=1 request.
Metinfo Metinfo
4.3
CVSSv2
CVE-2018-20486
MetInfo 6.x up to and including 6.1.3 has XSS via the /admin/login/login_check.php url_array[] parameter.
Metinfo Metinfo
6.8
CVSSv2
CVE-2019-7718
An issue exists in Metinfo 6.x. An attacker can leverage a race condition in the backend database backup function to execute arbitrary PHP code via admin/index.php?n=databack&c=index&a=dogetsql&tables=<?php and admin/databack/bakup_tables.php?2=file_put_contents UR...
Metinfo Metinfo
NA
CVE-2022-44849
A Cross-Site Request Forgery (CSRF) in the Administrator List of MetInfo v7.7 allows malicious users to arbitrarily add Super Administrator account.
Metinfo Metinfo 7.7
5
CVSSv2
CVE-2017-14513
Directory traversal vulnerability in MetInfo 5.3.17 allows remote malicious users to read information from any ini format file via the f_filename parameter in a fingerprintdo action to admin/app/physical/physical.php.
Metinfo Metinfo 5.3.17
7.5
CVSSv2
CVE-2019-17553
An issue exists in MetInfo v7.0.0 beta. There is SQL Injection via the admin/?n=tags&c=index&a=doSaveTags URI.
Metinfo Metinfo 7.0.0
1 Github repository
4.3
CVSSv2
CVE-2018-9928
Cross-site scripting (XSS) vulnerability in save.php in MetInfo 6.0 allows remote malicious users to inject arbitrary web script or HTML via the webname or weburl parameter.
Metinfo Metinfo 6.0.0
4.3
CVSSv2
CVE-2018-9985
The front page of MetInfo 6.0 allows XSS by sending a feedback message to an administrator.
Metinfo Metinfo 6.0.0
6.5
CVSSv2
CVE-2019-16996
In Metinfo 7.0.0beta, a SQL Injection exists in app/system/product/admin/product_admin.class.php via the admin/?n=product&c=product_admin&a=dopara&app_type=shop id parameter.
Metinfo Metinfo 7.0.0
6.5
CVSSv2
CVE-2019-17418
An issue exists in MetInfo 7.0. There is SQL injection via the admin/?n=language&c=language_general&a=doSearchParameter appno parameter, a different issue than CVE-2019-16997.
Metinfo Metinfo 7.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »