Metinfo
by Metinfo
Source repositories
CVEs (62)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-29014 | Cri | 0.66 | 9.8 | 0.40 | Apr 1, 2026 | MetInfo CMS versions 7.9, 8.0, and 8.1 contain an unauthenticated PHP code injection vulnerability that allows remote attackers to execute arbitrary code by sending crafted requests with malicious PHP code. Attackers can exploit insufficient input neutralization in the execution… | ||
| CVE-2018-12531 | Cri | 0.64 | 9.8 | 0.02 | Jun 18, 2018 | An issue was discovered in MetInfo 6.0.0. install\index.php allows remote attackers to write arbitrary PHP code into config_db.php, a different vulnerability than CVE-2018-7271. | ||
| CVE-2017-11715 | Cri | 0.64 | 9.8 | 0.01 | Jul 28, 2017 | job/uploadfile_save.php in MetInfo through 5.3.17 blocks the .php extension but not related extensions, which might allow remote authenticated admins to execute arbitrary PHP code by uploading a .phtml file after certain actions involving admin/system/safe.php and job/cv.php. | ||
| CVE-2018-14420 | Hig | 0.57 | 8.8 | 0.01 | Jul 20, 2018 | MetInfo 6.0.0 allows a CSRF attack to add a user account via a doaddsave action to admin/index.php, as demonstrated by an admin/index.php?anyid=47&n=admin&c=admin_admin&a=doaddsave URI. | ||
| CVE-2018-9934 | Hig | 0.57 | 8.8 | 0.01 | Apr 10, 2018 | The reset-password feature in MetInfo 6.0 allows remote attackers to change arbitrary passwords via vectors involving a Host HTTP header that is modified to specify a web server under the attacker's control. | ||
| CVE-2017-11347 | Hig | 0.57 | 8.8 | 0.02 | Jul 17, 2017 | Authenticated Code Execution Vulnerability in MetInfo 5.3.17 allows a remote authenticated attacker to generate a PHP script with the content of a malicious image, related to admin/include/common.inc.php and admin/app/physical/physical.php. | ||
| CVE-2018-7271 | Hig | 0.53 | 8.1 | 0.02 | Feb 21, 2018 | An issue was discovered in MetInfo 6.0.0. In install/install.php in the installation process, the config/config_db.php configuration file filtering is not rigorous: one can insert malicious code in the installation process to execute arbitrary commands or obtain a web shell. | ||
| CVE-2017-11717 | Hig | 0.49 | 7.5 | 0.01 | Jul 28, 2017 | MetInfo through 5.3.17 accepts the same CAPTCHA response for 120 seconds, which makes it easier for remote attackers to bypass intended challenge requirements by modifying the client-server data stream, as demonstrated by the login/findpass page. | ||
| CVE-2017-11500 | Hig | 0.49 | 7.5 | 0.02 | Jul 20, 2017 | A directory traversal vulnerability exists in MetInfo 5.3.17. A remote attacker can use ..\ to delete any .zip file via the filenames parameter to /admin/system/database/filedown.php. | ||
| CVE-2018-13024 | Hig | 0.47 | 7.2 | 0.01 | Jun 29, 2018 | Metinfo v6.0.0 allows remote attackers to write code into a .php file, and execute that code, via the module parameter to admin/column/save.php in an editor upload action. | ||
| CVE-2018-12530 | Med | 0.42 | 6.5 | 0.02 | Jun 18, 2018 | An issue was discovered in MetInfo 6.0.0. admin/app/batch/csvup.php allows remote attackers to delete arbitrary files via a flienamecsv=../ directory traversal. This can be exploited via CSRF. | ||
| CVE-2018-9985 | Med | 0.40 | 6.1 | 0.01 | Apr 10, 2018 | The front page of MetInfo 6.0 allows XSS by sending a feedback message to an administrator. | ||
| CVE-2018-9928 | Med | 0.40 | 6.1 | 0.01 | Apr 10, 2018 | Cross-site scripting (XSS) vulnerability in save.php in MetInfo 6.0 allows remote attackers to inject arbitrary web script or HTML via the webname or weburl parameter. | ||
| CVE-2018-7721 | Med | 0.40 | 6.1 | 0.01 | Mar 7, 2018 | Cross Site Scripting (XSS) exists in MetInfo 6.0.0 via /feedback/index.php because app/system/feedback/web/feedback.class.php mishandles input data. | ||
| CVE-2017-11718 | Med | 0.40 | 6.1 | 0.01 | Jul 28, 2017 | There is URL Redirector Abuse in MetInfo through 5.3.17 via the gourl parameter to member/login.php. | ||
| CVE-2017-11716 | Med | 0.40 | 6.1 | 0.01 | Jul 28, 2017 | MetInfo through 5.3.17 allows stored XSS via HTML Edit Mode. | ||
| CVE-2017-9764 | Med | 0.40 | 6.1 | 0.01 | Jul 19, 2017 | Cross-site scripting (XSS) vulnerability in MetInfo 5.3.17 allows remote attackers to inject arbitrary web script or HTML via the Client-IP or X-Forwarded-For HTTP header to /include/stat/stat.php in a para action. | ||
| CVE-2017-14513 | Med | 0.35 | 5.3 | 0.02 | Sep 17, 2017 | Directory traversal vulnerability in MetInfo 5.3.17 allows remote attackers to read information from any ini format file via the f_filename parameter in a fingerprintdo action to admin/app/physical/physical.php. | ||
| CVE-2017-6878 | Med | 0.35 | 5.4 | 0.01 | Mar 27, 2017 | Cross-site scripting (XSS) vulnerability in MetInfo 5.3.15 allows remote authenticated users to inject arbitrary web script or HTML via the name_2 parameter to admin/column/delete.php. | ||
| CVE-2018-17129 | Med | 0.32 | 4.9 | 0.01 | Sep 17, 2018 | MetInfo 6.1.0 has SQL injection in doexport() in app/system/feedback/admin/feedback_admin.class.php via the class1 field. |
- risk 0.66cvss 9.8epss 0.40
MetInfo CMS versions 7.9, 8.0, and 8.1 contain an unauthenticated PHP code injection vulnerability that allows remote attackers to execute arbitrary code by sending crafted requests with malicious PHP code. Attackers can exploit insufficient input neutralization in the execution…
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in MetInfo 6.0.0. install\index.php allows remote attackers to write arbitrary PHP code into config_db.php, a different vulnerability than CVE-2018-7271.
- risk 0.64cvss 9.8epss 0.01
job/uploadfile_save.php in MetInfo through 5.3.17 blocks the .php extension but not related extensions, which might allow remote authenticated admins to execute arbitrary PHP code by uploading a .phtml file after certain actions involving admin/system/safe.php and job/cv.php.
- risk 0.57cvss 8.8epss 0.01
MetInfo 6.0.0 allows a CSRF attack to add a user account via a doaddsave action to admin/index.php, as demonstrated by an admin/index.php?anyid=47&n=admin&c=admin_admin&a=doaddsave URI.
- risk 0.57cvss 8.8epss 0.01
The reset-password feature in MetInfo 6.0 allows remote attackers to change arbitrary passwords via vectors involving a Host HTTP header that is modified to specify a web server under the attacker's control.
- risk 0.57cvss 8.8epss 0.02
Authenticated Code Execution Vulnerability in MetInfo 5.3.17 allows a remote authenticated attacker to generate a PHP script with the content of a malicious image, related to admin/include/common.inc.php and admin/app/physical/physical.php.
- risk 0.53cvss 8.1epss 0.02
An issue was discovered in MetInfo 6.0.0. In install/install.php in the installation process, the config/config_db.php configuration file filtering is not rigorous: one can insert malicious code in the installation process to execute arbitrary commands or obtain a web shell.
- risk 0.49cvss 7.5epss 0.01
MetInfo through 5.3.17 accepts the same CAPTCHA response for 120 seconds, which makes it easier for remote attackers to bypass intended challenge requirements by modifying the client-server data stream, as demonstrated by the login/findpass page.
- risk 0.49cvss 7.5epss 0.02
A directory traversal vulnerability exists in MetInfo 5.3.17. A remote attacker can use ..\ to delete any .zip file via the filenames parameter to /admin/system/database/filedown.php.
- risk 0.47cvss 7.2epss 0.01
Metinfo v6.0.0 allows remote attackers to write code into a .php file, and execute that code, via the module parameter to admin/column/save.php in an editor upload action.
- risk 0.42cvss 6.5epss 0.02
An issue was discovered in MetInfo 6.0.0. admin/app/batch/csvup.php allows remote attackers to delete arbitrary files via a flienamecsv=../ directory traversal. This can be exploited via CSRF.
- risk 0.40cvss 6.1epss 0.01
The front page of MetInfo 6.0 allows XSS by sending a feedback message to an administrator.
- risk 0.40cvss 6.1epss 0.01
Cross-site scripting (XSS) vulnerability in save.php in MetInfo 6.0 allows remote attackers to inject arbitrary web script or HTML via the webname or weburl parameter.
- risk 0.40cvss 6.1epss 0.01
Cross Site Scripting (XSS) exists in MetInfo 6.0.0 via /feedback/index.php because app/system/feedback/web/feedback.class.php mishandles input data.
- risk 0.40cvss 6.1epss 0.01
There is URL Redirector Abuse in MetInfo through 5.3.17 via the gourl parameter to member/login.php.
- risk 0.40cvss 6.1epss 0.01
MetInfo through 5.3.17 allows stored XSS via HTML Edit Mode.
- risk 0.40cvss 6.1epss 0.01
Cross-site scripting (XSS) vulnerability in MetInfo 5.3.17 allows remote attackers to inject arbitrary web script or HTML via the Client-IP or X-Forwarded-For HTTP header to /include/stat/stat.php in a para action.
- risk 0.35cvss 5.3epss 0.02
Directory traversal vulnerability in MetInfo 5.3.17 allows remote attackers to read information from any ini format file via the f_filename parameter in a fingerprintdo action to admin/app/physical/physical.php.
- risk 0.35cvss 5.4epss 0.01
Cross-site scripting (XSS) vulnerability in MetInfo 5.3.15 allows remote authenticated users to inject arbitrary web script or HTML via the name_2 parameter to admin/column/delete.php.
- risk 0.32cvss 4.9epss 0.01
MetInfo 6.1.0 has SQL injection in doexport() in app/system/feedback/admin/feedback_admin.class.php via the class1 field.
Page 1 of 4