Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

CNVD
CNVDadded 2021/07/15 12:0 a.m.5 views

MetInfo SQL Injection Vulnerability (CNVD-2021-51805)

Metinfo MetInfo is a content management system CMS developed by China Mito Metinfo using PHP and Mysql. A SQL injection vulnerability exists in getpassword.php in Metinfo 7.0.0beta, which arises from a database-based application that lacks validation of externally entered SQL statements. An...

9.8CVSS8AI score0.00546EPSS
Exploits1References1
NVD
NVDadded 2021/07/12 1:15 p.m.12 views

CVE-2020-21133

SQL Injection vulnerability in Metinfo 7.0.0 beta in member/getpassword.php?lang=cn&a=dovalid...

9.8CVSS0.00546EPSS
Exploits1References2
Prion
Prionadded 2021/07/12 1:15 p.m.21 views

Sql injection

SQL Injection vulnerability in Metinfo 7.0.0 beta in member/getpassword.php?lang=cn&a=dovalid...

7.5CVSS9.8AI score0.00546EPSS
Exploits1References2Affected Software1
Cvelist
Cvelistadded 2021/07/12 12:45 p.m.11 views

CVE-2020-21133

SQL Injection vulnerability in Metinfo 7.0.0 beta in member/getpassword.php?lang=cn&a=dovalid...

9.9AI score0.00546EPSS
Exploits1References2
OSV
OSVadded 2021/05/13 3:15 p.m.0 views

CVE-2020-21342

Insecure permissions issue in zzcms 201910 via the reset any user password in /one/getpassword.php...

7.5CVSS7.1AI score
Exploits0References1
Prion
Prionadded 2021/05/13 3:15 p.m.9 views

Default credentials

Insecure permissions issue in zzcms 201910 via the reset any user password in /one/getpassword.php...

5CVSS7.7AI score0.00136EPSS
Exploits1References1Affected Software1
CVE
CVEadded 2021/05/13 2:42 p.m.34 views

CVE-2020-21342

CVE-2020-21342 affects the zzcms web application (version 201910). The issue is an insecure permissions weakness in the password reset flow, specifically via /one/getpassword.php, allowing an attacker to reset any user password. Root cause described as improperly designed or implemented code for ...

7.5CVSS7.6AI score0.00136EPSS
Exploits1References1Affected Software1
seebug.org
seebug.orgadded 2018/02/08 12:0 a.m.54 views

zzcms 8.2 任意用户密码修改

zzcms 8.2 任意用户密码修改 漏洞描述 zzcms是一款企业建站程序。 zzcms 8.2版本/one/getpassword.php文件存在漏洞,攻击者可利用该漏洞修改任意用户密码。 漏洞分析 /one/getpassword.php文件第 73行,触发漏洞的关键代码。 elseif$action=="step3" && @$SESSION'username'!='' $passwordtrue = isset$POST'password'?$POST'password':""; $password=md5trim$passwordtrue; query"update...

2.2AI score
Exploits0
seebug.org
seebug.orgadded 2013/10/22 12:0 a.m.34 views

Metinfo 5.1 /member/getpassword.php SQL注入漏洞

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.orgadded 2013/05/03 12:0 a.m.39 views

MetInfo 5.1 /admin/admin/getpassword.php SQL注入漏洞

MetInfo是国内一款比较流行的企业网站管理系统,其5.1版本/admin/admin/getpassword.php文件中的第8行代码处$array0变量最终来在外界传入的变量$p,而且$array0直接拼接到SQL查询语句中,导致了SQL注入漏洞的产生。 MetInfo 5.1...

7.1AI score
Exploits0
Rows per page
Query Builder