New Features

Security Center - SC - Vulnerability Scanner Plugin for SQL Injections on the Metinfo Homepage Is Released

On Oct 16, 2018, the emergency response center identified SQL injection as a potential threat that can exploit a new vulnerability on the homepage of Metinfo 6.1.2.
Content

Target customers: Metinfo users. Features released: On Oct 16, 2018, the emergency response center identified SQL injection as a potential threat that can exploit a new vulnerability on the homepage of Metinfo 6.1.2. Attackers can exploit the vulnerability to obtain sensitive data and unauthorized access to a website database using nefarious SQL statements. Vulnerability description: In the vulnerability file: metinfo6.1.2/app/system/message/web/message.class.php, the id parameter is incorrectly filtered, which results in SQL injections. Vulnerability severity: High. Vulnerability name: CNVD-2018-20024. Attack scope: Metinfo 6.1.2.

7th Gen ECS Is Now Available

Increase instance computing power by up to 40% and Fully equipped with TPM chips.
Powered by Third-generation Intel® Xeon® Scalable processors (Ice Lake).

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.