What is CVE-2019-16997?

CVE-2019-16997 is a vulnerability in N/a. Published 2019-09-30.

Is CVE-2019-16997 known to be exploited?

6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2019-16997

In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/language/admin/language_general.class.php via the admin/?n=language&c=language_general&a=doExportPack appno parameter.

EPSS: 0.937 (99.9th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

0ps/pocassistdb
20142995/nuclei-templates
ARPSyndicate/cvemon
ARPSyndicate/kenzer-templates
jweny/pocassistdb
zhibx/fscan-Intranet

References

github.com/XiaOkuoAi/XiaOkuoAi.github.io/issues/2 (x_refsource_MISC)

Frequently asked questions

What is CVE-2019-16997?: CVE-2019-16997 is a vulnerability in N/a. Published 2019-09-30.
Is CVE-2019-16997 known to be exploited?: 6 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.