CVE-2026-29014 in CMSinformación

Resumen (Inglés)

MetInfo CMS versions 7.9, 8.0, and 8.1 contain an unauthenticated PHP code injection vulnerability that allows remote attackers to execute arbitrary code by sending crafted requests with malicious PHP code. Attackers can exploit insufficient input neutralization in the execution path to achieve remote code execution and gain full control over the affected server.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Responsable

VulnCheck

Reservar

2026-03-03

Divulgación

2026-04-01

Estado

Confirmado

Voces

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilidadCWEExpConCVE
354642MetInfo CMS escalada de privilegios94No está definidoNo está definidoCVE-2026-29014

Descripción

CPE

CWE

CVSS

Hazañas

Historia

Diferencia

Relacionar

Inteligencia de amenazas

API JSON

API XML

API CSV

Fuentes

AnteriorVisión De ConjuntoPróximo

Interested in the pricing of exploits?

See the underground prices here!