Tag: cve 2026 29014

1 article

Laptop screen displays a content management system dashboard in a brightly-lit office setting.

MetInfo CMS Flaw Exploited for Remote Code Execution Attacks

A critical flaw in the MetInfo content management system, CVE-2026-29014, allows remote attackers to execute arbitrary code with a CVSS score of 9.8, putting your site at risk of full takeover. This unauthenticated PHP code-injection vulnerability affects versions 7.9, 8.0, and 8.1, and can be exploited with crafted requests containing malicious PHP code.

Analyst 207May 5, 2026