CVE-2019-16997: SQL Injection
First published: Mon Sep 30 2019(Updated: )
In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/language/admin/language_general.class.php via the admin/?n=language&c=language_general&a=doExportPack appno parameter.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Metinfo Metinfo | =7.0.0-beta |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-16997?
CVE-2019-16997 is a SQL Injection vulnerability discovered in Metinfo 7.0.0beta.
How severe is CVE-2019-16997?
CVE-2019-16997 has a severity score of 7.2, which is classified as high.
How can I fix CVE-2019-16997?
To fix CVE-2019-16997, you should update to a version of Metinfo that is not affected by this vulnerability.
What software versions are affected by CVE-2019-16997?
Metinfo 7.0.0beta is affected by CVE-2019-16997.
Is there any reference link available for more information about CVE-2019-16997?
Yes, you can find more information about CVE-2019-16997 at the following link: [https://github.com/XiaOkuoAi/XiaOkuoAi.github.io/issues/2](https://github.com/XiaOkuoAi/XiaOkuoAi.github.io/issues/2)
- collector/nvd-index
- vendor/metinfo
- product/metinfo
- canonical/metinfo metinfo