15 matches found
CVE-2019-16997
In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/language/admin/languagegeneral.class.php via the admin/?n=language=languagegeneral=doExportPack appno parameter...
EUVD-2020-13908
Malware in sbrugna...
CVE-2020-21131
SQL Injection vulnerability in MetInfo 7.0.0beta via admin/?n=language=languageweb=doAddLanguage...
CVE-2020-21131
SQL Injection vulnerability in MetInfo 7.0.0beta via admin/?n=language&c=languageweb&a=doAddLanguage...
CVE-2020-21132
SQL Injection vulnerability in Metinfo 7.0.0beta in index.php...
Sql injection
SQL Injection vulnerability in Metinfo 7.0.0beta in index.php...
Sql injection
SQL Injection vulnerability in MetInfo 7.0.0beta via admin/?n=language&c=languageweb&a=doAddLanguage...
CVE-2020-21132
SQL Injection vulnerability in Metinfo 7.0.0beta in index.php...
CVE-2020-21132
MetInfo 7.0.0beta SQL injection in index.php is exposed. The vulnerability stems from lack of validation of externally entered SQL statements, allowing an attacker to execute arbitrary SQL. CVSS details indicate high to critical impact across confidentiality, integrity, and availability (C:H, I:H...
CVE-2020-21131
SQL Injection vulnerability in MetInfo 7.0.0beta via admin/?n=language&c=languageweb&a=doAddLanguage...
CVE-2019-17676
app/system/admin/admin/index.class.php in MetInfo 7.0.0beta allows a CSRF attack to add a user account via a doSaveSetup action to admin/index.php, as demonstrated by an admin/?n=admin&c=index&a=doSaveSetup URI...
Cross site request forgery (csrf)
app/system/admin/admin/index.class.php in MetInfo 7.0.0beta allows a CSRF attack to add a user account via a doSaveSetup action to admin/index.php, as demonstrated by an admin/?n=admin&c=index&a=doSaveSetup URI...
CVE-2019-17676
app/system/admin/admin/index.class.php in MetInfo 7.0.0beta allows a CSRF attack to add a user account via a doSaveSetup action to admin/index.php, as demonstrated by an admin/?n=admin&c=index&a=doSaveSetup URI...
CVE-2019-16996
In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/product/admin/productadmin.class.php via the admin/?n=product&c=productadmin&a=dopara&apptype=shop id parameter...
Sql injection
In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/product/admin/productadmin.class.php via the admin/?n=product&c=productadmin&a=dopara&apptype=shop id parameter...