Metinfo 6.0.0 Security Vulnerabilities

A Server-Side Request Forgery (SSRF) vulnerability, achievable through an XML External Entity (XXE) injection, exists in MetInfo Content Management System (CMS) through 8.1. This flaw stems from a defect in the XML parsing logic, which allows an attacker to construct a malicious XML entity that forces the server to initiate an HTTP request to an arbitrary internal or external network address. Successful exploitation could lead to internal network reconnaissance, port scanning, or the retrieval of sensitive information. The vulnerability may be present in the backend API called by or associated with the path `/admin/#/webset/?head_tab_active=0`, where user-provided XML data is processed.
CVSS Score: 7.5 | EPSS Score: 0.001 | Published: 2025-11-06

Metinfo 6.x allows SQL Injection via the id parameter in an admin/index.php?n=ui_set&m=admin&c=index&a=doget_text_content&table=lang&field=1 request.
CVSS Score: 8.8 | EPSS Score: 0.002 | Published: 2019-07-19

An issue was discovered in Metinfo 6.x. An attacker can leverage a race condition in the backend database backup function to execute arbitrary PHP code via admin/index.php?n=databack&c=index&a=dogetsql&tables=<?php and admin/databack/bakup_tables.php?2=file_put_contents URIs because app/system/databack/admin/index.class.php creates bakup_tables.php temporarily.
CVSS Score: 8.1 | EPSS Score: 0.003 | Published: 2019-02-11

MetInfo 6.x through 6.1.3 has XSS via the /admin/login/login_check.php url_array[] parameter.
CVSS Score: 6.1 | EPSS Score: 0.003 | Published: 2018-12-26

MetInfo 6.0.0 allows XSS via a modified name of the navigation bar on the home page.
CVSS Score: 4.8 | EPSS Score: 0.002 | Published: 2018-07-20

MetInfo 6.0.0 allows a CSRF attack to add a user account via a doaddsave action to admin/index.php, as demonstrated by an admin/index.php?anyid=47&n=admin&c=admin_admin&a=doaddsave URI.
CVSS Score: 8.8 | EPSS Score: 0.002 | Published: 2018-07-20

Metinfo v6.0.0 allows remote attackers to write code into a .php file, and execute that code, via the module parameter to admin/column/save.php in an editor upload action.
CVSS Score: 7.2 | EPSS Score: 0.007 | Published: 2018-06-29

An issue was discovered in MetInfo 6.0.0. admin/app/batch/csvup.php allows remote attackers to delete arbitrary files via a flienamecsv=../ directory traversal. This can be exploited via CSRF.
CVSS Score: 6.5 | EPSS Score: 0.005 | Published: 2018-06-18

An issue was discovered in MetInfo 6.0.0. install\index.php allows remote attackers to write arbitrary PHP code into config_db.php, a different vulnerability than CVE-2018-7271.
CVSS Score: 9.8 | EPSS Score: 0.009 | Published: 2018-06-18

The front page of MetInfo 6.0 allows XSS by sending a feedback message to an administrator.
CVSS Score: 6.1 | EPSS Score: 0.002 | Published: 2018-04-10

Shodan ® - All rights reserved