Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
metinfo vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-17676
app/system/admin/admin/index.class.php in MetInfo 7.0.0beta allows a CSRF attack to add a user account via a doSaveSetup action to admin/index.php, as demonstrated by an admin/?n=admin&c=index&a=doSaveSetup URI.
Metinfo Metinfo 7.0.0
8.8
CVSSv3
CVE-2017-12789
Metinfo 5.3.18 is affected by: Cross Site Request Forgery (CSRF). The impact is: Information Disclosure (remote). The component is: admin/interface/online/delete.php. The attack vector is: The administrator clicks on the malicious link in the login state.
Metinfo Metinfo 5.3.18
6.5
CVSSv3
CVE-2017-12790
Metinfo 5.3.18 is affected by: Cross Site Request Forgery (CSRF). The impact is: Information Disclosure (remote). The component is: admin/index.php. The attack vector is: The administrator clicks on the malicious link in the login state.
Metinfo Metinfo 5.3.18
7.5
CVSSv3
CVE-2017-11500
A directory traversal vulnerability exists in MetInfo 5.3.17. A remote attacker can use ..\ to delete any .zip file via the filenames parameter to /admin/system/database/filedown.php.
Metinfo Metinfo 5.3.17
7.5
CVSSv3
CVE-2017-11717
MetInfo up to and including 5.3.17 accepts the same CAPTCHA response for 120 seconds, which makes it easier for remote malicious users to bypass intended challenge requirements by modifying the client-server data stream, as demonstrated by the login/findpass page.
Metinfo Project Metinfo
6.1
CVSSv3
CVE-2017-11718
There is URL Redirector Abuse in MetInfo up to and including 5.3.17 via the gourl parameter to member/login.php.
Metinfo Project Metinfo
6.1
CVSSv3
CVE-2018-18296
MetInfo 6.1.2 has XSS via the /admin/index.php bigclass parameter in an n=column&a=doadd action.
Metinfo Metinfo 6.1.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6