Lucene search
K

693 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:2 p.m.7 views

CVE-2018-19051

MetInfo 6.1.3 has XSS via the admin/index.php?a=dogetpassword abttype parameter...

6.1CVSS5.9AI score0.00675EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:59 a.m.8 views

CVE-2018-19050

MetInfo 6.1.3 has XSS via the admin/index.php?a=dogetpassword langset parameter...

6.1CVSS5.9AI score0.00675EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:54 a.m.8 views

CVE-2022-23335

Metinfo v7.5.0 was discovered to contain a SQL injection vulnerability in languagegeneral.class.php via doModifyParameter...

9.8CVSS8.3AI score0.01575EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:38 a.m.6 views

CVE-2017-12790

Metinfo 5.3.18 is affected by: Cross Site Request Forgery CSRF. The impact is: Information Disclosure remote. The component is: admin/index.php. The attack vector is: The administrator clicks on the malicious link in the login state...

6.5CVSS6.3AI score0.00678EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:37 a.m.8 views

CVE-2019-7718

An issue was discovered in Metinfo 6.x. An attacker can leverage a race condition in the backend database backup function to execute arbitrary PHP code via admin/index.php?n=databack=index=dogetsql=...

8.1CVSS8.4AI score0.01013EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:33 a.m.7 views

CVE-2019-16996

In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/product/admin/productadmin.class.php via the admin/?n=product=productadmin=doparatype=shop id parameter...

7.2CVSS8.1AI score0.12443EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:30 a.m.12 views

CVE-2019-16997

In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/language/admin/languagegeneral.class.php via the admin/?n=language=languagegeneral=doExportPack appno parameter...

7.2CVSS8AI score0.49398EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/11/07 12:19 a.m.17 views

CVE-2025-63551

A Server-Side Request Forgery SSRF vulnerability, achievable through an XML External Entity XXE injection, exists in MetInfo Content Management System CMS thru 8.1. This flaw stems from a defect in the XML parsing logic, which allows an attacker to construct a malicious XML entity that forces the...

7.5CVSS7AI score0.0046EPSS
Exploits1References1
EUVD
EUVD
added 2025/11/06 9:31 p.m.4 views

EUVD-2025-38154

A Server-Side Request Forgery SSRF vulnerability, achievable through an XML External Entity XXE injection, exists in MetInfo Content Management System CMS thru 8.1. This flaw stems from a defect in the XML parsing logic, which allows an attacker to construct a malicious XML entity that forces the...

6.5AI score0.0046EPSS
Exploits1References3
NVD
NVD
added 2025/11/06 7:15 p.m.4 views

CVE-2025-63551

A Server-Side Request Forgery SSRF vulnerability, achievable through an XML External Entity XXE injection, exists in MetInfo Content Management System CMS thru 8.1. This flaw stems from a defect in the XML parsing logic, which allows an attacker to construct a malicious XML entity that forces the...

7.5CVSS0.0046EPSS
Exploits1References2
OSV
OSV
added 2025/11/06 7:15 p.m.3 views

CVE-2025-63551

A Server-Side Request Forgery SSRF vulnerability, achievable through an XML External Entity XXE injection, exists in MetInfo Content Management System CMS thru 8.1. This flaw stems from a defect in the XML parsing logic, which allows an attacker to construct a malicious XML entity that forces the...

7.5CVSS5.8AI score0.0046EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/11/06 12:0 a.m.10 views

CVE-2025-63551

A Server-Side Request Forgery SSRF vulnerability, achievable through an XML External Entity XXE injection, exists in MetInfo Content Management System CMS thru 8.1. This flaw stems from a defect in the XML parsing logic, which allows an attacker to construct a malicious XML entity that forces the...

6.6AI score0.0046EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/11/06 12:0 a.m.11 views

CVE-2025-63551

A Server-Side Request Forgery SSRF vulnerability, achievable through an XML External Entity XXE injection, exists in MetInfo Content Management System CMS thru 8.1. This flaw stems from a defect in the XML parsing logic, which allows an attacker to construct a malicious XML entity that forces the...

0.0046EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/11/06 12:0 a.m.3 views

MetInfo CMS 安全漏洞

MetInfo CMS is a content management system from China Mito MetInfo. A security vulnerability exists in MetInfo CMS 8.1 and prior versions, which stems from a flaw in the XML parsing logic and could lead to a server-side request forgery attack...

7.5CVSS6.7AI score0.0046EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/11/06 12:0 a.m.16 views

PT-2025-45352

Name of the Vulnerable Software and Affected Versions MetInfo Content Management System CMS versions through 8.1 Description A Server-Side Request Forgery SSRF issue, achievable through an XML External Entity XXE injection, exists. The flaw is due to a defect in the XML parsing logic, allowing an...

7.5CVSS5.8AI score0.0046EPSS
Exploits1References5
CVE
CVE
added 2025/11/06 12:0 a.m.23 views

CVE-2025-63551

MetInfo CMS, up to version 8.1, contains an SSRF flaw exploitable via XXE in its XML parsing logic. An attacker can craft a malicious XML entity that makes the server issue an HTTP request to an internal or external address, potentially enabling internal network reconnaissance, port scanning, or ...

7.5CVSS6.6AI score0.0046EPSS
Exploits1References2Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-4328

Malware in sbrugna...

8.8CVSS8.8AI score0.00661EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-3118

Malware in sbrugna...

7.5CVSS7.5AI score0.01558EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-10767

Malware in sbrugna...

6.1CVSS6.3AI score0.00675EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2017-3325

Malware in sbrugna...

9.8CVSS9.5AI score0.01492EPSS
Exploits1References2
Rows per page
Query Builder