First published: Mon Sep 30 2019(Updated: )
In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/language/admin/language_general.class.php via the admin/?n=language&c=language_general&a=doExportPack appno parameter.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Metinfo Metinfo | =7.0.0-beta |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-16997 is a SQL Injection vulnerability discovered in Metinfo 7.0.0beta.
CVE-2019-16997 has a severity score of 7.2, which is classified as high.
To fix CVE-2019-16997, you should update to a version of Metinfo that is not affected by this vulnerability.
Metinfo 7.0.0beta is affected by CVE-2019-16997.
Yes, you can find more information about CVE-2019-16997 at the following link: [https://github.com/XiaOkuoAi/XiaOkuoAi.github.io/issues/2](https://github.com/XiaOkuoAi/XiaOkuoAi.github.io/issues/2)