Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
metinfo vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2020-19304
An issue in /admin/index.php?n=system&c=filept&a=doGetFileList of Metinfo v7.0.0 allows malicious users to perform a directory traversal and access sensitive information.
Metinfo Metinfo 7.0.0
668
VMScore
CVE-2020-19305
An issue in /app/system/column/admin/index.class.php of Metinfo v7.0.0 causes the indeximg parameter to be deleted when the column is deleted, allowing malicious users to escalate privileges.
Metinfo Metinfo 7.0.0
383
VMScore
CVE-2018-19050
MetInfo 6.1.3 has XSS via the admin/index.php?a=dogetpassword langset parameter.
Metinfo Metinfo 6.1.3
383
VMScore
CVE-2018-19051
MetInfo 6.1.3 has XSS via the admin/index.php?a=dogetpassword abt_type parameter.
Metinfo Metinfo 6.1.3
383
VMScore
CVE-2018-9985
The front page of MetInfo 6.0 allows XSS by sending a feedback message to an administrator.
Metinfo Metinfo 6.0.0
435
VMScore
CVE-2010-4976
Cross-site scripting (XSS) vulnerability in search/search.php in MetInfo 3.0 allows remote malicious users to inject arbitrary web script or HTML via the searchword parameter (aka Search Box field). NOTE: some of these details are obtained from third party information.
Metinfo Metinfo 3.0
1 EDB exploit
605
VMScore
CVE-2020-18157
Cross Site Request Forgery (CSRF) vulnerability in MetInfo 6.1.3 via a doaddsave action in admin/index.php.
Metinfo Metinfo 6.1.3
668
VMScore
CVE-2020-18175
SQL Injection vulnerability in Metinfo 6.1.3 via a dosafety_emailadd action in basic.php.
Metinfo Metinfo 6.1.3
668
VMScore
CVE-2018-12531
An issue exists in MetInfo 6.0.0. install\index.php allows remote malicious users to write arbitrary PHP code into config_db.php, a different vulnerability than CVE-2018-7271.
Metinfo Metinfo 6.0.0
516
VMScore
CVE-2018-12530
An issue exists in MetInfo 6.0.0. admin/app/batch/csvup.php allows remote malicious users to delete arbitrary files via a flienamecsv=../ directory traversal. This can be exploited via CSRF.
Metinfo Metinfo 6.0.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »