MetInfo 7.0.0

CPE Details

MetInfo 7.0.0
metinfo
metinfo
7.0.0
2020-03-03
16h33 +00:00
2020-03-03
16h33 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:metinfo:metinfo:7.0.0:-:*:*:*:*:*:*

Informations

Vendor

metinfo

Product

metinfo

Version

7.0.0

Update

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-21127 2021-09-15 14h16 +00:00 MetInfo 7.0.0 contains a SQL injection vulnerability via admin/?n=logs&c=index&a=dodel.
9.8
Critical
CVE-2020-21126 2021-09-15 14h16 +00:00 MetInfo 7.0.0 contains a Cross-Site Request Forgery (CSRF) via admin/?n=admin&c=index&a=doSaveInfo.
8.8
High
CVE-2020-20981 2021-08-12 12h49 +00:00 A SQL injection in the /admin/?n=logs&c=index&a=dolist component of Metinfo 7.0 allows attackers to access sensitive database information.
7.5
High
CVE-2020-19305 2021-08-03 19h24 +00:00 An issue in /app/system/column/admin/index.class.php of Metinfo v7.0.0 causes the indeximg parameter to be deleted when the column is deleted, allowing attackers to escalate privileges.
9.8
Critical
CVE-2020-19304 2021-08-03 19h24 +00:00 An issue in /admin/index.php?n=system&c=filept&a=doGetFileList of Metinfo v7.0.0 allows attackers to perform a directory traversal and access sensitive information.
7.5
High
CVE-2020-21517 2021-06-21 12h55 +00:00 Cross Site Scripting (XSS) vulnerability in MetInfo 7.0.0 via the gourl parameter in login.php.
6.1
Medium