Metinfo v7.5.0 was discovered to contain a SQL injection vulnerability in parameter_admin.class.php via the table_para parameter.
9.8CVSS
9.7AI Score
0.002EPSS
Metinfo v7.5.0 was discovered to contain a SQL injection vulnerability in language_general.class.php via doModifyParameter.
9.8CVSS
9.8AI Score
0.002EPSS
A Cross-Site Request Forgery (CSRF) in the Administrator List of MetInfo v7.7 allows attackers to arbitrarily add Super Administrator account.
8.8CVSS
8.7AI Score
0.001EPSS