Metinfo: >> Metinfo Security Vulnerabilities
Authenticated Code Execution Vulnerability in MetInfo 5.3.17 allows a remote authenticated attacker to generate a PHP script with the content of a malicious image, related to admin/include/common.inc.php and admin/app/physical/physical.php.
CVSS Score
8.8
EPSS Score
0.015
Published
2017-07-17
Cross-site scripting (XSS) vulnerability in MetInfo 5.3.15 allows remote authenticated users to inject arbitrary web script or HTML via the name_2 parameter to admin/column/delete.php.
CVSS Score
5.4
EPSS Score
0.003
Published
2017-03-27
Cross-site scripting (XSS) vulnerability in search/search.php in MetInfo 3.0 allows remote attackers to inject arbitrary web script or HTML via the searchword parameter (aka Search Box field). NOTE: some of these details are obtained from third party information.
CVSS Score
4.3
EPSS Score
0.074
Published
2011-11-01
Page 6