Vulnerabilities > Metinfo > Metinfo > 6.0.0

DATE CVE VULNERABILITY TITLE RISK
2018-04-10 CVE-2018-9928 Cross-site Scripting vulnerability in Metinfo 6.0.0
Cross-site scripting (XSS) vulnerability in save.php in MetInfo 6.0 allows remote attackers to inject arbitrary web script or HTML via the webname or weburl parameter.
network
metinfo CWE-79
4.3
4.3
2018-03-07 CVE-2018-7721 Cross-site Scripting vulnerability in Metinfo 6.0.0
Cross Site Scripting (XSS) exists in MetInfo 6.0.0 via /feedback/index.php because app/system/feedback/web/feedback.class.php mishandles input data.
network
metinfo CWE-79
4.3
4.3
2018-02-21 CVE-2018-7271 Code Injection vulnerability in Metinfo 6.0.0
An issue was discovered in MetInfo 6.0.0.
network
metinfo CWE-94
critical
 9.3
9.3