A blind SQL injection in /admin/?n=logs&c=index&a=dode of Metinfo 7.0 beta allows attackers to access sensitive database information.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20585
Reference (s):
- http://metinfo.com
- https://github.com/0xyu/PHP_Learning/issues/3
- https://www.metinfo.cn/