First published: Mon Jul 12 2021(Updated: )
SQL Injection vulnerability in Metinfo 7.0.0 beta in member/getpassword.php?lang=cn&a=dovalid.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Metinfo Metinfo | =7.0.0-beta |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-21133 is a SQL Injection vulnerability discovered in Metinfo 7.0.0 beta in the member/getpassword.php?lang=cn&a=dovalid script.
CVE-2020-21133 has a severity rating of 9.8, which is considered critical.
The SQL Injection vulnerability in Metinfo 7.0.0 beta can be exploited by inserting malicious SQL statements in the 'lang' parameter of the member/getpassword.php?lang=cn&a=dovalid script.
The affected software is Metinfo 7.0.0 beta.
To fix the SQL Injection vulnerability in Metinfo 7.0.0 beta, it is recommended to update to a patched version or apply the necessary security patches provided by the vendor.