CVE-2018-12531
MetInfo 6.0.0 contains a remote code execution vulnerability: during installation, install/index.php allows attackers to write arbitrary PHP into config_db.php, enabling web shell/command execution. Affected component is the install/config path in MetInfo 6.0.0; root cause is insufficient filteri...