Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sixapart movable type vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-38078
Movable Type XMLRPC API provided by Six Apart Ltd. contains a command injection vulnerability. Sending a specially crafted message by POST method to Movable Type XMLRPC API may allow arbitrary Perl script execution, and an arbitrary OS command may be executed through it. Affected...
Sixapart Movable Type
9.8
CVSSv3
CVE-2021-20837
Movable Type 7 r.5002 and previous versions (Movable Type 7 Series), Movable Type 6.8.2 and previous versions (Movable Type 6 Series), Movable Type Advanced 7 r.5002 and previous versions (Movable Type Advanced 7 Series), Movable Type Advanced 6.8.2 and previous versions (Movable...
Sixapart Movable Type
8 Github repositories
9.8
CVSSv3
CVE-2016-5742
SQL injection vulnerability in the XML-RPC interface in Movable Type Pro and Advanced 6.x prior to 6.1.3 and 6.2.x prior to 6.2.6 and Movable Type Open Source 5.2.13 and previous versions allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Sixapart Movable Type 6.1.1
Sixapart Movable Type 6.1.0
Sixapart Movable Type 6.0.8
Sixapart Movable Type 6.0.1
Sixapart Movable Type 6.0
Sixapart Movable Type 6.0.7
Sixapart Movable Type 6.2.4
Sixapart Movable Type 6.2.2
Sixapart Movable Type 6.0.5
Sixapart Movable Type 6.0.4
Sixapart Movable Type 6.2.0
Sixapart Movable Type 6.1.2
Sixapart Movable Type 6.0.3
Sixapart Movable Type 6.0.2
Sixapart Movable Type Open Source
Sixapart Movable Type 6.0.6
8.8
CVSSv3
CVE-2020-5576
Cross-site request forgery (CSRF) vulnerability in Movable Type series (Movable Type 7 r.4606 (7.2.1) and previous versions (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and previous versions (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and previous...
Sixapart Movable Type
8.8
CVSSv3
CVE-2020-5577
Movable Type series (Movable Type 7 r.4606 (7.2.1) and previous versions (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and previous versions (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and previous versions (Movable Type for AWS 7), Movable Type 6....
Sixapart Movable Type
7.2
CVSSv3
CVE-2022-43660
Improper neutralization of Server-Side Includes (SSW) within a web page in Movable Type series allows a remote authenticated attacker with Privilege of 'Manage of Content Types' may execute an arbitrary Perl script and/or an arbitrary OS command. Affected products/versi...
Sixapart Movable Type
6.5
CVSSv3
CVE-2022-45113
Improper validation of syntactic correctness of input vulnerability exist in Movable Type series. Having a user to access a specially crafted URL may allow a remote unauthenticated malicious user to set a specially crafted URL to the Reset Password page and conduct a phishing att...
Sixapart Movable Type
6.1
CVSSv3
CVE-2022-45122
Cross-site scripting vulnerability in Movable Type Movable Type 7 r.5301 and previous versions (Movable Type 7 Series), Movable Type Advanced 7 r.5301 and previous versions (Movable Type Advanced 7 Series), Movable Type 6.8.7 and previous versions (Movable Type 6 Series), Movable...
Sixapart Movable Type
6.1
CVSSv3
CVE-2021-20808
Cross-site scripting vulnerability in Search screen of Movable Type (Movable Type 7 r.4903 and previous versions (Movable Type 7 Series), Movable Type 6.8.0 and previous versions (Movable Type 6 Series), Movable Type Advanced 7 r.4903 and previous versions (Movable Type Advanced ...
Sixapart Movable Type
6.1
CVSSv3
CVE-2021-20809
Cross-site scripting vulnerability in Create screens of Entry, Page, and Content Type of Movable Type (Movable Type 7 r.4903 and previous versions (Movable Type 7 Series), Movable Type 6.8.0 and previous versions (Movable Type 6 Series), Movable Type Advanced 7 r.4903 and previou...
Sixapart Movable Type
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »