Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Metinfo 6.x. An attacker can leverage a race condition in the backend database backup function to execute arbitrary PHP code via admin/index.php?n=databack&c=index&a=dogetsql&tables=<?php and admin/databack/bakup_tables.php?2=file_put_contents URIs because app/system/databack/admin/index.class.php creates bakup_tables.php temporarily.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Metinfo 竞争条件安全漏洞
Vulnerability Description
MetInfo是中国米拓(MetInfo)公司的一套使用PHP和Mysql开发的内容管理系统(CMS)。 Metinfo 6.x版本中存在竞争条件漏洞,该漏洞源于网络系统或产品在运行过程中,并发代码需要互斥地访问共享资源时,对于并发访问的处理不当。
CVSS Information
N/A
Vulnerability Type
N/A