SQL Injection vulnerability in MetInfo 7.0.0beta via admin/?n=language&c=language_web&a=doAddLanguage.
7.2CVSS
7.5AI Score
0.001EPSS
9.8CVSS
9.8AI Score
0.002EPSS
SQL Injection vulnerability in Metinfo 7.0.0 beta in member/getpassword.php?lang=cn&a=dovalid.
9.8CVSS
9.8AI Score
0.002EPSS
Cross Site Scripting (XSS) vulnerability in MetInfo 7.0.0 via the gourl parameter in login.php.
6.1CVSS
6AI Score
0.001EPSS
Metinfo v7.5.0 was discovered to contain a SQL injection vulnerability in parameter_admin.class.php via the table_para parameter.
9.8CVSS
9.7AI Score
0.002EPSS
Metinfo v7.5.0 was discovered to contain a SQL injection vulnerability in language_general.class.php via doModifyParameter.
9.8CVSS
9.8AI Score
0.002EPSS
A Cross-Site Request Forgery (CSRF) in the Administrator List of MetInfo v7.7 allows attackers to arbitrarily add Super Administrator account.
8.8CVSS
8.7AI Score
0.001EPSS