Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
metinfo metinfo vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv3
CVE-2018-17129
MetInfo 6.1.0 has SQL injection in doexport() in app/system/feedback/admin/feedback_admin.class.php via the class1 field.
Metinfo Metinfo 6.1.0
5.4
CVSSv3
CVE-2018-18374
XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid parameter.
Metinfo Metinfo 6.1.2
6.1
CVSSv3
CVE-2018-19835
Metinfo 6.1.3 has reflected XSS via the admin/column/move.php lang_columnerr4 parameter.
Metinfo Metinfo 6.1.3
6.1
CVSSv3
CVE-2018-19836
In Metinfo 6.1.3, include/interface/applogin.php allows setting arbitrary HTTP headers (including the Cookie header), and common.inc.php allows registering variables from the $_COOKIE value. This issue can, for example, be exploited in conjunction with CVE-2018-19835 to bypass ma...
Metinfo Metinfo 6.1.3
9.8
CVSSv3
CVE-2019-17553
An issue exists in MetInfo v7.0.0 beta. There is SQL Injection via the admin/?n=tags&c=index&a=doSaveTags URI.
Metinfo Metinfo 7.0.0
1 Github repository
9.8
CVSSv3
CVE-2020-18175
SQL Injection vulnerability in Metinfo 6.1.3 via a dosafety_emailadd action in basic.php.
Metinfo Metinfo 6.1.3
5.3
CVSSv3
CVE-2017-14513
Directory traversal vulnerability in MetInfo 5.3.17 allows remote malicious users to read information from any ini format file via the f_filename parameter in a fingerprintdo action to admin/app/physical/physical.php.
Metinfo Metinfo 5.3.17
8.8
CVSSv3
CVE-2017-11347
Authenticated Code Execution Vulnerability in MetInfo 5.3.17 allows a remote authenticated malicious user to generate a PHP script with the content of a malicious image, related to admin/include/common.inc.php and admin/app/physical/physical.php.
Metinfo Metinfo 5.3.17
7.5
CVSSv3
CVE-2020-20585
A blind SQL injection in /admin/?n=logs&c=index&a=dode of Metinfo 7.0 beta allows malicious users to access sensitive database information.
Metinfo Metinfo 7.0.0
5.4
CVSSv3
CVE-2020-20600
MetInfo 7.0 beta contains a stored cross-site scripting (XSS) vulnerability in the $name parameter of admin/?n=column&c=index&a=doAddColumn.
Metinfo Metinfo 7.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »