2019-10-09 22:55:17
mitre
PUBLISHED
An issue was discovered in MetInfo 7.0. There is SQL injection via the admin/?n=user&c=admin_user&a=doGetUserInfo id parameter.