MidnightBSD

Advisories for metinfo_project

CVE-2017-11715 MEDIUM

job/uploadfile_save.php in MetInfo through 5.3.17 blocks the .php extension but not related extensions, which might allow remote authenticated admins to execute arbitrary PHP code by uploading a .phtml file after certain actions involving admin/system/safe.php and job/cv.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,

Products Affected

Vendor Product Version
metinfo_project metinfo *
CVE-2017-11716 MEDIUM

MetInfo through 5.3.17 allows stored XSS via HTML Edit Mode.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
metinfo_project metinfo *
CVE-2017-11717 MEDIUM

MetInfo through 5.3.17 accepts the same CAPTCHA response for 120 seconds, which makes it easier for remote attackers to bypass intended challenge requirements by modifying the client-server data stream, as demonstrated by the login/findpass page.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-290,

Products Affected

Vendor Product Version
metinfo_project metinfo *
CVE-2017-11718 MEDIUM

There is URL Redirector Abuse in MetInfo through 5.3.17 via the gourl parameter to member/login.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-601,

Products Affected

Vendor Product Version
metinfo_project metinfo *