Lucene search
+L

64 matches found

CNVD
CNVD
added 2017/07/26 12:0 a.m.5 views

File Upload Vulnerability in MetInfo System

MetInfo is a Content Management System CMS developed using PHP and Mysql. A file vulnerability exists in the job/uploadfilesave.php file in MetInfo 5.3.17 and earlier versions, which stems from the program only blocking .php extensions and failing to block its related extensions. A remote attacke...

9.8CVSS9.8AI score0.01492EPSS
Exploits1
CNVD
CNVD
added 2017/06/21 12:0 a.m.4 views

File upload vulnerability in the latest version of metinfo

metinfo cms is an enterprise website management system with PHP Mysql architecture. A file upload vulnerability exists in metinfo cms due to the system not effectively filtering the depth variable. An attacker can use this vulnerability to bypass the include file and upload a webshell to gain...

7.3AI score
Exploits0
CNVD
CNVD
added 2017/04/27 12:0 a.m.4 views

Cross-site scripting and cross-site request forgery vulnerabilities in metinfo

metinfo cms is an enterprise website management system with PHP Mysql architecture. There are cross-site scripting and cross-site request forgery vulnerabilities in metinfo. metinfocms "background settings-basic information-third-party code" form does not have token validation and effective...

6.1AI score
Exploits0
CNVD
CNVD
added 2017/04/24 12:0 a.m.2 views

metinfo cms has csrf vulnerability

metinfo cms is an enterprise website management system with PHP Mysql architecture. metinfo cms has a csrf vulnerability, which can be exploited by attackers to add administrators without restriction...

6.9AI score
Exploits0
Rows per page
Query Builder