Known Vulnerabilities for products from Metinfo

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Metinfo".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2020-21517 Cross Site Scripting (XSS) vulnerability in MetInfo 7.0.0 via the gourl parameter in login.php. 6.1 - MEDIUM 2021-06-21 2021-06-22
CVE-2020-21133 SQL Injection vulnerability in Metinfo 7.0.0 beta in member/getpassword.php?lang=cn&a=dovalid. 9.8 - CRITICAL 2021-07-12 2021-07-12
CVE-2020-21132 SQL Injection vulnerability in Metinfo 7.0.0beta in index.php. 9.8 - CRITICAL 2021-07-12 2021-07-12
CVE-2020-21131 SQL Injection vulnerability in MetInfo 7.0.0beta via admin/?n=language&c=language_web&a=doAddLanguage. 7.2 - HIGH 2021-07-12 2021-07-12
CVE-2020-21127 MetInfo 7.0.0 contains a SQL injection vulnerability via admin/?n=logs&c=index&a=dodel. 9.8 - CRITICAL 2021-09-15 2021-09-23
CVE-2020-21126 MetInfo 7.0.0 contains a Cross-Site Request Forgery (CSRF) via admin/?n=admin&c=index&a=doSaveInfo. 8.8 - HIGH 2021-09-15 2021-09-23
CVE-2020-20981 A SQL injection in the /admin/?n=logs&c=index&a=dolist component of Metinfo 7.0 allows attackers to access sensitive database... 7.5 - HIGH 2021-08-12 2021-08-12
CVE-2020-20907 MetInfo 7.0 beta is affected by a file modification vulnerability. Attackers can delete and modify ini files in app/system/la... 9.1 - CRITICAL 2021-05-24 2021-05-28
CVE-2020-20800 An issue was discovered in MetInfo v7.0.0 beta. There is SQL Injection via the install/index.php?action=adminsetup&cndata=yes... 9.8 - CRITICAL 2020-09-30 2020-10-02
CVE-2020-20585 A blind SQL injection in /admin/?n=logs&c=index&a=dode of Metinfo 7.0 beta allows attackers to access sensitive database info... 7.5 - HIGH 2021-07-08 2021-07-12
CVE-2020-19305 An issue in /app/system/column/admin/index.class.php of Metinfo v7.0.0 causes the indeximg parameter to be deleted when the c... 9.8 - CRITICAL 2021-08-03 2021-08-11
CVE-2020-19304 An issue in /admin/index.php?n=system&c=filept&a=doGetFileList of Metinfo v7.0.0 allows attackers to perform a directory trav... 7.5 - HIGH 2021-08-03 2021-08-03
CVE-2020-18175 SQL Injection vulnerability in Metinfo 6.1.3 via a dosafety_emailadd action in basic.php. 9.8 - CRITICAL 2021-07-30 2021-08-03
CVE-2020-18157 Cross Site Request Forgery (CSRF) vulnerability in MetInfo 6.1.3 via a doaddsave action in admin/index.php. 8.8 - HIGH 2021-07-30 2021-08-03
CVE-2019-17676 app/system/admin/admin/index.class.php in MetInfo 7.0.0beta allows a CSRF attack to add a user account via a doSaveSetup acti... 8.8 - HIGH 2019-10-17 2019-10-21
CVE-2019-17553 An issue was discovered in MetInfo v7.0.0 beta. There is SQL Injection via the admin/?n=tags&c=index&a=doSaveTags URI. 9.8 - CRITICAL 2019-10-14 2019-10-17
CVE-2019-17419 An issue was discovered in MetInfo 7.0. There is SQL injection via the admin/?n=user&c=admin_user&a=doGetUserInfo id paramete... 7.2 - HIGH 2019-10-10 2019-10-10
CVE-2019-17418 An issue was discovered in MetInfo 7.0. There is SQL injection via the admin/?n=language&c=language_general&a=doSearchParamet... 7.2 - HIGH 2019-10-10 2019-10-10
CVE-2019-16997 In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/language/admin/language_general.class.php via the admin/?n... 7.2 - HIGH 2019-09-30 2019-10-04
CVE-2019-16996 In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/product/admin/product_admin.class.php via the admin/?n=pro... 7.2 - HIGH 2019-09-30 2019-10-04

Known software with vulnerabilities from Metinfo

Type Vendor Product Version

Popular searches for "Metinfo"


H DMetInfo-CMS MetInfo S,10,6,,,SEO,,

Version 7 Unix Conversational Monitor System Content management system Cryptographic Message Syntax Compact Muon Solenoid Inc. (magazine) OS X Yosemite USB Iterative closest point Centers for Medicare and Medicaid Services Inductively coupled plasma 2020 NHL Entry Draft Important Cultural Property (Japan) .cn 2020 United States presidential election International Center of Photography UEFA Euro 2020 Basketball at the 2020 Summer Olympics 2020 NFL Draft Church Mission Society


J F-

Personal computer Tencent QQ Packet Assembler/Disassembler Asteroid family Xbox 360 PlayStation controller Version 7 Unix USB Microsoft Windows Android (operating system) IBM PC compatible Chinese characters QQ Music File system permissions QQLive Important Cultural Property (Japan) 2008 in video gaming Inc. (magazine) Iterative closest point People's Alliance for Democracy