CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-13024

Metinfo v6.0.0 allows remote attackers to write code into a .php file, and execute that code, via the module parameter to admin/column/save.php in an editor upload action.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 72.7%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 6.5

References

http://www.kingkk.com/2018/06/Metinfo-v6-0-0-getshell-in-background/
http://www.kingkk.com/2018/06/Metinfo-v6-0-0-getshell-in-background/

Products affected by CVE-2018-13024

Metinfo » Metinfo » Version: 6.0.0

cpe:2.3:a:metinfo:metinfo:6.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-13024

Products

Pricing

Contact Us