Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
metinfo vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-11716
MetInfo up to and including 5.3.17 allows stored XSS via HTML Edit Mode.
Metinfo Project Metinfo
6.1
CVSSv3
CVE-2017-11718
There is URL Redirector Abuse in MetInfo up to and including 5.3.17 via the gourl parameter to member/login.php.
Metinfo Project Metinfo
7.5
CVSSv3
CVE-2017-11717
MetInfo up to and including 5.3.17 accepts the same CAPTCHA response for 120 seconds, which makes it easier for remote malicious users to bypass intended challenge requirements by modifying the client-server data stream, as demonstrated by the login/findpass page.
Metinfo Project Metinfo
6.1
CVSSv3
CVE-2017-9764
Cross-site scripting (XSS) vulnerability in MetInfo 5.3.17 allows remote malicious users to inject arbitrary web script or HTML via the Client-IP or X-Forwarded-For HTTP header to /include/stat/stat.php in a para action.
Metinfo Metinfo 5.3.17
9.8
CVSSv3
CVE-2020-21127
MetInfo 7.0.0 contains a SQL injection vulnerability via admin/?n=logs&c=index&a=dodel.
Metinfo Metinfo 7.0.0
9.8
CVSSv3
CVE-2020-21132
SQL Injection vulnerability in Metinfo 7.0.0beta in index.php.
Metinfo Metinfo 7.0.0
9.8
CVSSv3
CVE-2020-21133
SQL Injection vulnerability in Metinfo 7.0.0 beta in member/getpassword.php?lang=cn&a=dovalid.
Metinfo Metinfo 7.0.0
6.1
CVSSv3
CVE-2018-9928
Cross-site scripting (XSS) vulnerability in save.php in MetInfo 6.0 allows remote malicious users to inject arbitrary web script or HTML via the webname or weburl parameter.
Metinfo Metinfo 6.0.0
8.8
CVSSv3
CVE-2018-9934
The reset-password feature in MetInfo 6.0 allows remote malicious users to change arbitrary passwords via vectors involving a Host HTTP header that is modified to specify a web server under the attacker's control.
Metinfo Metinfo 6.0.0
7.2
CVSSv3
CVE-2019-16996
In Metinfo 7.0.0beta, a SQL Injection exists in app/system/product/admin/product_admin.class.php via the admin/?n=product&c=product_admin&a=dopara&app_type=shop id parameter.
Metinfo Metinfo 7.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »