Analyzed
1 day
ago.
based on code collected
1 day
ago.
Major Versions
click and drag to zoom
Security Vulnerabilities for Version:
Severities:
Type
|
Identifier
|
Related Record |
Severity
|
Date Published
|
Description | Versions Affected |
|---|---|---|---|---|---|
| CVE-2018-0672 | BDSA-2018-3033 | Medium | Sep 04, 2018 | Cross-site scripting vulnerability in Movable Type versions prior to Ver. 6.3.1 allows remote attackers to inject arbitrary web script or HTML via unsp more... |
3.33, 5.2.13, 1.4, 3.31, 2.0, 2.51, 2.11, 1.31, 2.21, 1.2
|
| CVE-2016-5742 | Critical | Jan 23, 2017 | SQL injection vulnerability in the XML-RPC interface in Movable Type Pro and Advanced 6.x before 6.1.3 and 6.2.x before 6.2.6 and Movable Type Open Sou more... |
3.33, 5.2.13, 2.51, 1.1, 3.32, 2.0, 1.2, 1.31, 1.4, 2.21
|
|
| CVE-2015-0845 | Apr 17, 2015 | Format string vulnerability in Movable Type Pro, Open Source, and Advanced before 5.2.13 and Pro and Advanced 6.0.x before 6.0.8 allows remote attacker more... |
3.33, 2.0, 2.51, 3.32, 1.1, 1.2, 1.31, 1.4, 2.21, 2.11
|
||
| CVE-2014-9057 | Dec 16, 2014 | SQL injection vulnerability in the XML-RPC interface in Movable Type before 5.18, 5.2.x before 5.2.11, and 6.x before 6.0.6 allows remote attackers to more... |
3.33, 5.2.13, 2.0, 2.51, 3.31, 1.1, 2.21, 1.2, 2.11, 1.31
|
||
| CVE-2014-5313 | Sep 10, 2014 | Cross-site scripting (XSS) vulnerability in the management page in Six Apart Movable Type before 5.2 allows remote authenticated users to inject arbitr more... |
3.33, 5.2.13, 2.51, 3.32, 2.0, 2.21, 2.11, 1.2, 3.31, 1.31
|
||
| CVE-2013-2184 | Mar 27, 2015 | Movable Type before 5.2.6 does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via the comment_st more... |
3.33, 3.31, 2.0, 2.51, 1.4, 2.11, 1.31, 1.1, 2.21, 1.2
|
||
| CVE-2012-1497 | Mar 03, 2012 | The default configuration of Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 supports the "mt:Include file=" attribute, which allows r more... |
3.33, 2.11, 3.32, 2.51, 1.4, 2.0, 1.31, 2.21, 1.1, 3.31
|
||
| CVE-2012-1262 | Mar 03, 2012 | Cross-site scripting (XSS) vulnerability in cgi-bin/mt/mt-wizard.cgi in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13, when the prod more... |
3.33, 2.11, 3.32, 2.51, 1.4, 2.0, 1.31, 2.21, 1.1, 3.31
|
||
| CVE-2012-0320 | Mar 03, 2012 | Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote attackers to take control of sessions via unspecified vectors related to more... |
3.33, 3.31, 2.51, 3.32, 2.11, 1.2, 2.0, 1.31, 1.4, 1.1
|
||
| CVE-2012-0319 | Mar 03, 2012 | The file-management system in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote authenticated users to execute arbitrary c more... |
3.33, 2.11, 3.32, 2.51, 1.4, 2.0, 1.31, 2.21, 1.1, 3.31
|
