2 matches found
CVE-2018-13024
Metinfo v6.0.0 allows remote attackers to write code into a .php file, and execute that code, via the module parameter to admin/column/save.php in an editor upload action...
CVE-2018-13024
MetInfo v6.0.0 is affected by a remote code execution vulnerability that allows an attacker to write PHP code to a file via the module parameter to admin/column/save.php in an editor upload action. Affected component: MetInfo CMS, version 6.0.0. The underlying issue is the ability to write to a ....