CVE-2019-13969
https://notcve.org/view.php?id=CVE-2019-13969
19 Jul 2019 — Metinfo 6.x allows SQL Injection via the id parameter in an admin/index.php?n=ui_set&m=admin&c=index&a=doget_text_content&table=lang&field=1 request. Metinfo versión 6.x permite una inyección SQL mediante el parámetro id en una petición admin/index.php?n=ui_set&m=admin&c=index&a=doget_text_content&table=lang&field=1 • https://github.com/zhuxianjin/vuln_repo/blob/master/Metinfo%206.x%20Background%20SQL%20injection.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2019-7718
https://notcve.org/view.php?id=CVE-2019-7718
11 Feb 2019 — An issue was discovered in Metinfo 6.x. An attacker can leverage a race condition in the backend database backup function to execute arbitrary PHP code via admin/index.php?n=databack&c=index&a=dogetsql&tables=<?php and admin/databack/bakup_tables.php?2=file_put_contents URIs because app/system/databack/admin/index.class.php creates bakup_tables.php temporarily. • https://github.com/jadacheng/vulnerability/blob/master/Metinfo6.x/MetInfo.md • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2018-20486
https://notcve.org/view.php?id=CVE-2018-20486
26 Dec 2018 — MetInfo 6.x through 6.1.3 has XSS via the /admin/login/login_check.php url_array[] parameter. MetInfo, desde las versiones 6.x hasta la 6.1.3, tiene Cross-Site Scripting (XSS) mediante el parámetro url_array[] en /admin/login/login_check.php. • https://forum.metinfo.cn/thread-1300-1-1.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-14419
https://notcve.org/view.php?id=CVE-2018-14419
19 Jul 2018 — MetInfo 6.0.0 allows XSS via a modified name of the navigation bar on the home page. MetInfo 6.0.0 permite Cross-Site Scripting (XSS) mediante un nombre modificado de la barra de navegación en la página principal. • https://github.com/AvaterXXX/Metinfo---XSS/blob/master/test • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-14420
https://notcve.org/view.php?id=CVE-2018-14420
19 Jul 2018 — MetInfo 6.0.0 allows a CSRF attack to add a user account via a doaddsave action to admin/index.php, as demonstrated by an admin/index.php?anyid=47&n=admin&c=admin_admin&a=doaddsave URI. MetInfo 6.0.0 permite que un ataque Cross-Site Request Forgery (CSRF) añada una cuenta de usuario mediante una acción doaddsave en admin/index.php, tal y como queda demostrado con un URI admin/index.php?anyid=47n=adminc=admin_admina=doaddsave. • https://github.com/AvaterXXX/Metinfo---XSS/blob/master/CSRF • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2018-13024
https://notcve.org/view.php?id=CVE-2018-13024
29 Jun 2018 — Metinfo v6.0.0 allows remote attackers to write code into a .php file, and execute that code, via the module parameter to admin/column/save.php in an editor upload action. Metinfo v6.0.0 permite a los atacantes remotos escribir código en un archivo .php y ejecutar ese código a través del parámetro module en admin/column/save.php en una acción de carga del editor. • http://www.kingkk.com/2018/06/Metinfo-v6-0-0-getshell-in-background • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2018-12530
https://notcve.org/view.php?id=CVE-2018-12530
18 Jun 2018 — An issue was discovered in MetInfo 6.0.0. admin/app/batch/csvup.php allows remote attackers to delete arbitrary files via a flienamecsv=../ directory traversal. This can be exploited via CSRF. Se ha descubierto un problema en MetInfo 6.0.0. admin/app/batch/csvup.php permite que atacantes remotos eliminen archivos arbitrarios mediante un salto de directorio en flienamecsv=../. Esto puede explotarse mediante Cross-Site Request Forgery (CSRF). • https://github.com/summ3rf/Vulner/blob/master/Metinfo.md • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2018-12531
https://notcve.org/view.php?id=CVE-2018-12531
18 Jun 2018 — An issue was discovered in MetInfo 6.0.0. install\index.php allows remote attackers to write arbitrary PHP code into config_db.php, a different vulnerability than CVE-2018-7271. Se ha descubierto un problema en MetInfo 6.0.0. install\index.php permite que atacantes remotos escriban código PHP arbitrario en config_db.php. Esta vulnerabilidad es diferente de CVE-2018-7271. • https://github.com/summ3rf/Vulner/blob/master/Metinfo.md • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2018-9985
https://notcve.org/view.php?id=CVE-2018-9985
10 Apr 2018 — The front page of MetInfo 6.0 allows XSS by sending a feedback message to an administrator. La página principal de MetInfo 6.0 permite Cross-Site Scripting (XSS) mediante el envío de un mensaje de feedback a un administrador. • https://github.com/learnsec6/test/issues/1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-9934
https://notcve.org/view.php?id=CVE-2018-9934
10 Apr 2018 — The reset-password feature in MetInfo 6.0 allows remote attackers to change arbitrary passwords via vectors involving a Host HTTP header that is modified to specify a web server under the attacker's control. La característica reset-password en MetInfo 6.0 permite que atacantes remotos cambien contraseñas arbitrarias mediante vectores relacionados con una cabecera de Host HTTP que se modifica para especificar un servidor web bajo el control del atacante. • http://www.cnblogs.com/babers/p/8503116.html •