MetInfo is a content management system (CMS) developed using PHP and Mysql. A SQL injection vulnerability exists in Metinfo, which stems from the productβs failure to secure the special characters in the doModify parameter in the language_general.class.php file. An attacker could exploit this vulnerability to execute malicious SQL.