SQL Injection Vulnerability in Metinfo 6.x via id Parameter in admin/index.php

SQL Injection Vulnerability in Metinfo 6.x via id Parameter in admin/index.php

CVE-2019-13969 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Metinfo 6.x allows SQL Injection via the id parameter in an admin/index.php?n=ui_set&m=admin&c=index&a=doget_text_content&table=lang&field=1 request.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.