Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
metinfo vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2019-16997
In Metinfo 7.0.0beta, a SQL Injection exists in app/system/language/admin/language_general.class.php via the admin/?n=language&c=language_general&a=doExportPack appno parameter.
Metinfo Metinfo 7.0.0
4.8
CVSSv3
CVE-2018-14419
MetInfo 6.0.0 allows XSS via a modified name of the navigation bar on the home page.
Metinfo Metinfo 6.0.0
8.8
CVSSv3
CVE-2018-14420
MetInfo 6.0.0 allows a CSRF attack to add a user account via a doaddsave action to admin/index.php, as demonstrated by an admin/index.php?anyid=47&n=admin&c=admin_admin&a=doaddsave URI.
Metinfo Metinfo 6.0.0
8.8
CVSSv3
CVE-2019-17676
app/system/admin/admin/index.class.php in MetInfo 7.0.0beta allows a CSRF attack to add a user account via a doSaveSetup action to admin/index.php, as demonstrated by an admin/?n=admin&c=index&a=doSaveSetup URI.
Metinfo Metinfo 7.0.0
5.4
CVSSv3
CVE-2018-18374
XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid parameter.
Metinfo Metinfo 6.1.2
7.5
CVSSv3
CVE-2020-20585
A blind SQL injection in /admin/?n=logs&c=index&a=dode of Metinfo 7.0 beta allows malicious users to access sensitive database information.
Metinfo Metinfo 7.0.0
9.8
CVSSv3
CVE-2020-20800
An issue exists in MetInfo v7.0.0 beta. There is SQL Injection via the install/index.php?action=adminsetup&cndata=yes&endata=yes&showdata=yes URI.
Metinfo Metinfo 7.0.0
9.1
CVSSv3
CVE-2020-20907
MetInfo 7.0 beta is affected by a file modification vulnerability. Attackers can delete and modify ini files in app/system/language/admin/language_general.class.php and app/system/include/function/file.func.php.
Metinfo Metinfo 7.0.0
7.5
CVSSv3
CVE-2020-20981
A SQL injection in the /admin/?n=logs&c=index&a=dolist component of Metinfo 7.0 allows malicious users to access sensitive database information.
Metinfo Metinfo 7.0.0
9.8
CVSSv3
CVE-2020-21127
MetInfo 7.0.0 contains a SQL injection vulnerability via admin/?n=logs&c=index&a=dodel.
Metinfo Metinfo 7.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29824
CVE-2024-30095
CVE-2024-30104
client side
CVE-2024-5840
CVE-2024-34405
unprivileged
wireless
CVE-2024-4577
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »