3 matches found
MetInfo cross-site scripting vulnerability (CNVD-2017-27794)
MetInfo is a Content Management System CMS developed using PHP and Mysql. A cross-site scripting vulnerability exists in MetInfo 5.3.17 and earlier versions. The vulnerability can be exploited by remote attackers to inject arbitrary web script or HTML via HTML Edit Mode...
CVE-2017-11716
MetInfo through 5.3.17 allows stored XSS via HTML Edit Mode...
PT-2012-5963 · Microsoft +1 · Windows 8 +4
Name of the Vulnerable Software and Affected Versions: PHP version 5.3.17 Description: The issue is related to an untrusted search path vulnerability in the installation functionality of PHP. This vulnerability might allow local users to gain privileges via a Trojan horse DLL in the C:PHP...