VYPR
High severity7.2NVD Advisory· Published Jun 29, 2018· Updated Jun 17, 2026

CVE-2018-13024

CVE-2018-13024

Description

Metinfo v6.0.0 allows remote attackers to write code into a .php file, and execute that code, via the module parameter to admin/column/save.php in an editor upload action.

Affected products

2
  • Metinfo/Metinfoinferred2 versions
    = 6.0.0+ 1 more
    • (no CPE)range: = 6.0.0
    • (no CPE)range: =6.0.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.