Vulnerabilities > Metinfo
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-07-17 | CVE-2017-11347 | Unspecified vulnerability in Metinfo 5.3.17 Authenticated Code Execution Vulnerability in MetInfo 5.3.17 allows a remote authenticated attacker to generate a PHP script with the content of a malicious image, related to admin/include/common.inc.php and admin/app/physical/physical.php. | 6.5 |
2017-03-27 | CVE-2017-6878 | Cross-site Scripting vulnerability in Metinfo 5.3.15 Cross-site scripting (XSS) vulnerability in MetInfo 5.3.15 allows remote authenticated users to inject arbitrary web script or HTML via the name_2 parameter to admin/column/delete.php. | 3.5 |
2011-11-01 | CVE-2010-4976 | Cross-Site Scripting vulnerability in Metinfo 3.0 Cross-site scripting (XSS) vulnerability in search/search.php in MetInfo 3.0 allows remote attackers to inject arbitrary web script or HTML via the searchword parameter (aka Search Box field). | 4.3 |