WordPress 5.3.x < 5.3.17 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A PHP file upload bypass via Plugin Installer requiring admin privileges. - An RCE POP Chains vulnerability. Note that the scanner has not tested for these issues but has...

MetInfo Directory Traversal Vulnerability

MetInfo is a content management system CMS developed using PHP and Mysql by China Mito Information Technology Ltd. A directory traversal vulnerability exists in MetInfo version 5.3.17. A remote attacker can exploit this vulnerability to read information in an ini format file...

CVE-2017-14513

Directory traversal vulnerability in MetInfo 5.3.17 allows remote attackers to read information from any ini format file via the ffilename parameter in a fingerprintdo action to admin/app/physical/physical.php...

MetInfo has a logic flaw

MetInfo is a Content Management System CMS developed using PHP and Mysql. A logic vulnerability exists in MetInfo 5.3.17 and earlier versions. A remote attacker can exploit this vulnerability by changing the data flow between client servers to bypass captcha...

MetInfo Code Execution Vulnerability

MetInfo is a Content Management System CMS developed using PHP and Mysql. An arbitrary code execution vulnerability exists in MetInfo version 5.3.17. A remote attacker can exploit this vulnerability to create PHP scripts with malicious images...