CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-7271

An issue was discovered in MetInfo 6.0.0. In install/install.php in the installation process, the config/config_db.php configuration file filtering is not rigorous: one can insert malicious code in the installation process to execute arbitrary commands or obtain a web shell.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 74.4%

CVSS Severity

CVSS v3 Score 8.1

CVSS v2 Score 9.3

References

https://github.com/SQYY/CVE/blob/master/MetInfo_G.txt
https://github.com/SQYY/CVE/blob/master/MetInfo_G.txt

Products affected by CVE-2018-7271

Metinfo » Metinfo » Version: 6.0.0

cpe:2.3:a:metinfo:metinfo:6.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-7271

Products

Pricing

Contact Us