CVE-2020-21127

Name of the Vulnerable Software and Affected Versions: MetInfo version 7.0.0

Description: The issue is a SQL injection vulnerability. It can be exploited via the "admin/?n=logs&c=index&a=dodel" API endpoint. The vulnerability allows for SQL injection attacks, potentially leading to unauthorized access to sensitive data.

Recommendations: For MetInfo version 7.0.0, as a temporary workaround, consider restricting access to the "admin/?n=logs&c=index&a=dodel" API endpoint until a patch is available. Avoid using the a parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.