CVE-2017-14513
MetInfo 5.3.17 contains a directory traversal vulnerability that lets remote attackers read arbitrary INI-format files via the f_filename parameter in a fingerprintdo action to admin/app/physical/physical.php. Exploitation could disclose sensitive data from the server. Affected software/component...