CVE-2020-21133: SQL Injection
First published: Mon Jul 12 2021(Updated: )
SQL Injection vulnerability in Metinfo 7.0.0 beta in member/getpassword.php?lang=cn&a=dovalid.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Metinfo Metinfo | =7.0.0-beta |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2020-21133?
CVE-2020-21133 is a SQL Injection vulnerability discovered in Metinfo 7.0.0 beta in the member/getpassword.php?lang=cn&a=dovalid script.
What is the severity of CVE-2020-21133?
CVE-2020-21133 has a severity rating of 9.8, which is considered critical.
How can the SQL Injection vulnerability be exploited?
The SQL Injection vulnerability in Metinfo 7.0.0 beta can be exploited by inserting malicious SQL statements in the 'lang' parameter of the member/getpassword.php?lang=cn&a=dovalid script.
What is the affected software for CVE-2020-21133?
The affected software is Metinfo 7.0.0 beta.
How can I fix the SQL Injection vulnerability in Metinfo 7.0.0 beta?
To fix the SQL Injection vulnerability in Metinfo 7.0.0 beta, it is recommended to update to a patched version or apply the necessary security patches provided by the vendor.
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/nvd-index
- vendor/metinfo
- canonical/metinfo metinfo
- version/metinfo metinfo/7.0.0-beta