Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sixapart movable type vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-45746
Cross-site scripting vulnerability in Movable Type series allows a remote authenticated malicious user to inject an arbitrary script. Affected products/versions are as follows: Movable Type 7 r.5405 and previous versions (Movable Type 7 Series), Movable Type Advanced 7 r.5405 and...
Sixapart Movable Type
5.4
CVSSv3
CVE-2020-5669
Cross-site scripting vulnerability in Movable Type Movable Type Premium 1.37 and previous versions and Movable Type Premium Advanced 1.37 and previous versions allows a remote authenticated malicious user to inject an arbitrary script via unspecified vectors.
Sixapart Movable Type
5.3
CVSSv3
CVE-2020-5574
HTML attribute value injection vulnerability in Movable Type series (Movable Type 7 r.4606 (7.2.1) and previous versions (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and previous versions (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and previous ve...
Sixapart Movable Type
NA
CVE-2015-0845
Format string vulnerability in Movable Type Pro, Open Source, and Advanced prior to 5.2.13 and Pro and Advanced 6.0.x prior to 6.0.8 allows remote malicious users to execute arbitrary code via vectors related to localization of templates.
Sixapart Movabletype 6.0.2
Sixapart Movabletype 6.0.3
Sixapart Movabletype 6.0.4
Sixapart Movabletype 6.0.5
Sixapart Movabletype 6.0
Sixapart Movabletype 6.0.1
Sixapart Movabletype
Sixapart Movabletype 6.0.6
Sixapart Movabletype 6.0.7
NA
CVE-2013-2184
Movable Type prior to 5.2.6 does not properly use the Storable::thaw function, which allows remote malicious users to execute arbitrary code via the comment_state parameter.
Sixapart Movable Type
NA
CVE-2015-1592
Movable Type Pro, Open Source, and Advanced prior to 5.2.12 and Pro and Advanced 6.0.x prior to 6.0.7 does not properly use the Perl Storable::thaw function, which allows remote malicious users to include and execute arbitrary local Perl files and possibly execute arbitrary code ...
Debian Debian Linux 7.0
Sixapart Movable Type
1 EDB exploit
NA
CVE-2014-9057
SQL injection vulnerability in the XML-RPC interface in Movable Type prior to 5.18, 5.2.x prior to 5.2.11, and 6.x prior to 6.0.6 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Debian Debian Linux 7.0
Sixapart Movable Type 6.0.5
Sixapart Movable Type 6.0
Sixapart Movable Type 5.2.2
Sixapart Movable Type 5.2.4
Sixapart Movable Type 5.2.9
Sixapart Movable Type
Sixapart Movable Type 6.0.4
Sixapart Movable Type 6.0.3
Sixapart Movable Type 6.0.2
Sixapart Movable Type 6.0.1
Sixapart Movable Type 5.2.5
Sixapart Movable Type 5.2.6
Sixapart Movable Type 5.2.7
Sixapart Movable Type 5.2.8
Sixapart Movable Type 5.2
Sixapart Movable Type 5.2.3
Sixapart Movable Type 5.2.10
NA
CVE-2014-5313
Cross-site scripting (XSS) vulnerability in the management page in Six Apart Movable Type prior to 5.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Sixapart Movabletype
Sixapart Movabletype 5.13
Sixapart Movabletype 5.12
Sixapart Movabletype 5.04
Sixapart Movabletype 5.11
NA
CVE-2012-1503
Cross-site scripting (XSS) vulnerability in Six Apart (formerly Six Apart KK) Movable Type (MT) Pro 5.13 allows remote malicious users to inject arbitrary web script or HTML via the comment section.
Sixapart Movable Type 5.13
1 EDB exploit
NA
CVE-2014-0977
Cross-site scripting (XSS) vulnerability in the Rich Text Editor in Movable Type 5.0x, 5.1x prior to 5.161, 5.2.x prior to 5.2.9, and 6.0.x prior to 6.0.1 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Sixapart Movabletype 5.11
Sixapart Movabletype 5.12
Sixapart Movabletype 5.2.7
Sixapart Movabletype 6.0
Sixapart Movabletype 5.15
Sixapart Movabletype 5.2
Sixapart Movabletype 5.2.2
Sixapart Movabletype 5.02
Sixapart Movabletype 5.01
Sixapart Movabletype 5.04
Sixapart Movabletype 5.2.3
Sixapart Movabletype 5.2.6
Sixapart Movabletype 5.0
Sixapart Movabletype 5.13
Sixapart Movabletype 5.14
Sixapart Movabletype 5.031
Sixapart Movabletype 5.03
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »