3 matches found
CVE-2022-22295
Metinfo v7.5.0 was discovered to contain a SQL injection vulnerability in parameteradmin.class.php via the tablepara parameter...
CVE-2020-20981
A SQL injection in the /admin/?n=logs=index=dolist component of Metinfo 7.0 allows attackers to access sensitive database information...
CVE-2019-17676
app/system/admin/admin/index.class.php in MetInfo 7.0.0beta allows a CSRF attack to add a user account via a doSaveSetup action to admin/index.php, as demonstrated by an admin/?n=admin&c=index&a=doSaveSetup URI...