Vulnerabilities > Metinfo

DATE CVE VULNERABILITY TITLE RISK
2021-07-12 CVE-2020-21131 SQL Injection vulnerability in Metinfo 7.0.0
SQL Injection vulnerability in MetInfo 7.0.0beta via admin/?n=language&c=language_web&a=doAddLanguage.
network
low complexity
metinfo CWE-89
6.5
2021-07-12 CVE-2020-21132 SQL Injection vulnerability in Metinfo 7.0.0
SQL Injection vulnerability in Metinfo 7.0.0beta in index.php.
network
low complexity
metinfo CWE-89
7.5
2021-07-12 CVE-2020-21133 SQL Injection vulnerability in Metinfo 7.0.0
SQL Injection vulnerability in Metinfo 7.0.0 beta in member/getpassword.php?lang=cn&a=dovalid.
network
low complexity
metinfo CWE-89
7.5
2021-07-08 CVE-2020-20585 SQL Injection vulnerability in Metinfo 7.0.0
A blind SQL injection in /admin/?n=logs&c=index&a=dode of Metinfo 7.0 beta allows attackers to access sensitive database information.
network
low complexity
metinfo CWE-89
5.0
2021-06-21 CVE-2020-21517 Cross-Site Scripting vulnerability in Metinfo 7.0.0
Cross Site Scripting (XSS) vulnerability in MetInfo 7.0.0 via the gourl parameter in login.php.
network
metinfo CWE-79
4.3
2021-05-24 CVE-2020-20907 Improper Input Validation vulnerability in Metinfo 7.0.0
MetInfo 7.0 beta is affected by a file modification vulnerability.
network
low complexity
metinfo CWE-20
6.4
2020-09-30 CVE-2020-20800 SQL Injection vulnerability in Metinfo 7.0.0
An issue was discovered in MetInfo v7.0.0 beta.
network
low complexity
metinfo CWE-89
7.5
2019-10-17 CVE-2019-17676 Cross-Site Request Forgery (CSRF) vulnerability in Metinfo 7.0.0
app/system/admin/admin/index.class.php in MetInfo 7.0.0beta allows a CSRF attack to add a user account via a doSaveSetup action to admin/index.php, as demonstrated by an admin/?n=admin&c=index&a=doSaveSetup URI.
network
metinfo CWE-352
6.8
2019-10-14 CVE-2019-17553 SQL Injection vulnerability in Metinfo 7.0.0
An issue was discovered in MetInfo v7.0.0 beta.
network
low complexity
metinfo CWE-89
7.5
2019-10-10 CVE-2019-17419 SQL Injection vulnerability in Metinfo 7.0.0
An issue was discovered in MetInfo 7.0.
network
low complexity
metinfo CWE-89
6.5