Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
metinfo vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-9985
The front page of MetInfo 6.0 allows XSS by sending a feedback message to an administrator.
Metinfo Metinfo 6.0.0
5
CVSSv2
CVE-2017-14513
Directory traversal vulnerability in MetInfo 5.3.17 allows remote malicious users to read information from any ini format file via the f_filename parameter in a fingerprintdo action to admin/app/physical/physical.php.
Metinfo Metinfo 5.3.17
4.3
CVSSv2
CVE-2018-19050
MetInfo 6.1.3 has XSS via the admin/index.php?a=dogetpassword langset parameter.
Metinfo Metinfo 6.1.3
4.3
CVSSv2
CVE-2018-19051
MetInfo 6.1.3 has XSS via the admin/index.php?a=dogetpassword abt_type parameter.
Metinfo Metinfo 6.1.3
5
CVSSv2
CVE-2020-20585
A blind SQL injection in /admin/?n=logs&c=index&a=dode of Metinfo 7.0 beta allows malicious users to access sensitive database information.
Metinfo Metinfo 7.0.0
6.5
CVSSv2
CVE-2019-16997
In Metinfo 7.0.0beta, a SQL Injection exists in app/system/language/admin/language_general.class.php via the admin/?n=language&c=language_general&a=doExportPack appno parameter.
Metinfo Metinfo 7.0.0
4.3
CVSSv2
CVE-2017-12788
Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php in Metinfo 5.3.18 allows remote malicious users to inject arbitrary web script or HTML via the (1) class1 parameter or the (2) anyid parameter.
Metinfo Metinfo 5.3.18
6.8
CVSSv2
CVE-2017-12789
Metinfo 5.3.18 is affected by: Cross Site Request Forgery (CSRF). The impact is: Information Disclosure (remote). The component is: admin/interface/online/delete.php. The attack vector is: The administrator clicks on the malicious link in the login state.
Metinfo Metinfo 5.3.18
6.5
CVSSv2
CVE-2019-17418
An issue exists in MetInfo 7.0. There is SQL injection via the admin/?n=language&c=language_general&a=doSearchParameter appno parameter, a different issue than CVE-2019-16997.
Metinfo Metinfo 7.0.0
6.5
CVSSv2
CVE-2019-17419
An issue exists in MetInfo 7.0. There is SQL injection via the admin/?n=user&c=admin_user&a=doGetUserInfo id parameter.
Metinfo Metinfo 7.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »