Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sixapart movable type vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-45746
Cross-site scripting vulnerability in Movable Type series allows a remote authenticated malicious user to inject an arbitrary script. Affected products/versions are as follows: Movable Type 7 r.5405 and previous versions (Movable Type 7 Series), Movable Type Advanced 7 r.5405 and...
Sixapart Movable Type
NA
CVE-2022-43660
Improper neutralization of Server-Side Includes (SSW) within a web page in Movable Type series allows a remote authenticated attacker with Privilege of 'Manage of Content Types' may execute an arbitrary Perl script and/or an arbitrary OS command. Affected products/versi...
Sixapart Movable Type
NA
CVE-2022-45113
Improper validation of syntactic correctness of input vulnerability exist in Movable Type series. Having a user to access a specially crafted URL may allow a remote unauthenticated malicious user to set a specially crafted URL to the Reset Password page and conduct a phishing att...
Sixapart Movable Type
NA
CVE-2022-45122
Cross-site scripting vulnerability in Movable Type Movable Type 7 r.5301 and previous versions (Movable Type 7 Series), Movable Type Advanced 7 r.5301 and previous versions (Movable Type Advanced 7 Series), Movable Type 6.8.7 and previous versions (Movable Type 6 Series), Movable...
Sixapart Movable Type
NA
CVE-2022-38078
Movable Type XMLRPC API provided by Six Apart Ltd. contains a command injection vulnerability. Sending a specially crafted message by POST method to Movable Type XMLRPC API may allow arbitrary Perl script execution, and an arbitrary OS command may be executed through it. Affected...
Sixapart Movable Type
3.5
CVSSv2
CVE-2020-5669
Cross-site scripting vulnerability in Movable Type Movable Type Premium 1.37 and previous versions and Movable Type Premium Advanced 1.37 and previous versions allows a remote authenticated malicious user to inject an arbitrary script via unspecified vectors.
Sixapart Movable Type
7.5
CVSSv2
CVE-2021-20837
Movable Type 7 r.5002 and previous versions (Movable Type 7 Series), Movable Type 6.8.2 and previous versions (Movable Type 6 Series), Movable Type Advanced 7 r.5002 and previous versions (Movable Type Advanced 7 Series), Movable Type Advanced 6.8.2 and previous versions (Movable...
Sixapart Movable Type
8 Github repositories
4.3
CVSSv2
CVE-2021-20808
Cross-site scripting vulnerability in Search screen of Movable Type (Movable Type 7 r.4903 and previous versions (Movable Type 7 Series), Movable Type 6.8.0 and previous versions (Movable Type 6 Series), Movable Type Advanced 7 r.4903 and previous versions (Movable Type Advanced ...
Sixapart Movable Type
4.3
CVSSv2
CVE-2021-20809
Cross-site scripting vulnerability in Create screens of Entry, Page, and Content Type of Movable Type (Movable Type 7 r.4903 and previous versions (Movable Type 7 Series), Movable Type 6.8.0 and previous versions (Movable Type 6 Series), Movable Type Advanced 7 r.4903 and previou...
Sixapart Movable Type
4.3
CVSSv2
CVE-2021-20811
Cross-site scripting vulnerability in List of Assets screen of Movable Type (Movable Type 7 r.4903 and previous versions (Movable Type 7 Series), Movable Type 6.8.0 and previous versions (Movable Type 6 Series), Movable Type Advanced 7 r.4903 and previous versions (Movable Type A...
Sixapart Movable Type
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »