Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
metinfo metinfo vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2019-13969
Metinfo 6.x allows SQL Injection via the id parameter in an admin/index.php?n=ui_set&m=admin&c=index&a=doget_text_content&table=lang&field=1 request.
Metinfo Metinfo
383
VMScore
CVE-2018-20486
MetInfo 6.x up to and including 6.1.3 has XSS via the /admin/login/login_check.php url_array[] parameter.
Metinfo Metinfo
605
VMScore
CVE-2019-7718
An issue exists in Metinfo 6.x. An attacker can leverage a race condition in the backend database backup function to execute arbitrary PHP code via admin/index.php?n=databack&c=index&a=dogetsql&tables=<?php and admin/databack/bakup_tables.php?2=file_put_contents UR...
Metinfo Metinfo
668
VMScore
CVE-2022-23335
Metinfo v7.5.0 exists to contain a SQL injection vulnerability in language_general.class.php via doModifyParameter.
Metinfo Metinfo 7.5.0
668
VMScore
CVE-2022-22295
Metinfo v7.5.0 exists to contain a SQL injection vulnerability in parameter_admin.class.php via the table_para parameter.
Metinfo Metinfo 7.5.0
580
VMScore
CVE-2019-17418
An issue exists in MetInfo 7.0. There is SQL injection via the admin/?n=language&c=language_general&a=doSearchParameter appno parameter, a different issue than CVE-2019-16997.
Metinfo Metinfo 7.0.0
383
VMScore
CVE-2017-12788
Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php in Metinfo 5.3.18 allows remote malicious users to inject arbitrary web script or HTML via the (1) class1 parameter or the (2) anyid parameter.
Metinfo Metinfo 5.3.18
605
VMScore
CVE-2017-12789
Metinfo 5.3.18 is affected by: Cross Site Request Forgery (CSRF). The impact is: Information Disclosure (remote). The component is: admin/interface/online/delete.php. The attack vector is: The administrator clicks on the malicious link in the login state.
Metinfo Metinfo 5.3.18
383
VMScore
CVE-2017-12790
Metinfo 5.3.18 is affected by: Cross Site Request Forgery (CSRF). The impact is: Information Disclosure (remote). The component is: admin/index.php. The attack vector is: The administrator clicks on the malicious link in the login state.
Metinfo Metinfo 5.3.18
668
VMScore
CVE-2019-17553
An issue exists in MetInfo v7.0.0 beta. There is SQL Injection via the admin/?n=tags&c=index&a=doSaveTags URI.
Metinfo Metinfo 7.0.0
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »