MetInfo is a content management system (CMS) developed using PHP and Mysql. A SQL injection vulnerability exists in Metinfo, which stems from the productβs failure to secure the special characters in the table_para parameter in the parameter_admin.class.php file. An attacker could exploit this vulnerability to execute malicious SQL.