CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-19305

An issue in /app/system/column/admin/index.class.php of Metinfo v7.0.0 causes the indeximg parameter to be deleted when the column is deleted, allowing attackers to escalate privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 75.5%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://cwe.mitre.org/data/definitions/36.html
https://github.com/MRdoulestar/CodeAnalyse/issues/2
https://cwe.mitre.org/data/definitions/36.html
https://github.com/MRdoulestar/CodeAnalyse/issues/2

Products affected by CVE-2020-19305

Metinfo » Metinfo » Version: 7.0.0

cpe:2.3:a:metinfo:metinfo:7.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-19305

Products

Pricing

Contact Us