Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sixapart movable type vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2022-45113
Improper validation of syntactic correctness of input vulnerability exist in Movable Type series. Having a user to access a specially crafted URL may allow a remote unauthenticated malicious user to set a specially crafted URL to the Reset Password page and conduct a phishing att...
Sixapart Movable Type
7.2
CVSSv3
CVE-2022-43660
Improper neutralization of Server-Side Includes (SSW) within a web page in Movable Type series allows a remote authenticated attacker with Privilege of 'Manage of Content Types' may execute an arbitrary Perl script and/or an arbitrary OS command. Affected products/versi...
Sixapart Movable Type
6.1
CVSSv3
CVE-2021-20811
Cross-site scripting vulnerability in List of Assets screen of Movable Type (Movable Type 7 r.4903 and previous versions (Movable Type 7 Series), Movable Type 6.8.0 and previous versions (Movable Type 6 Series), Movable Type Advanced 7 r.4903 and previous versions (Movable Type A...
Sixapart Movable Type
6.1
CVSSv3
CVE-2021-20815
Cross-site scripting vulnerability in Edit Boilerplate screen of Movable Type (Movable Type 7 r.4903 and previous versions (Movable Type 7 Series), Movable Type 6.8.0 and previous versions (Movable Type 6 Series), Movable Type Advanced 7 r.4903 and previous versions (Movable Type...
Sixapart Movable Type
5.3
CVSSv3
CVE-2020-5574
HTML attribute value injection vulnerability in Movable Type series (Movable Type 7 r.4606 (7.2.1) and previous versions (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and previous versions (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and previous ve...
Sixapart Movable Type
8.8
CVSSv3
CVE-2020-5577
Movable Type series (Movable Type 7 r.4606 (7.2.1) and previous versions (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and previous versions (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and previous versions (Movable Type for AWS 7), Movable Type 6....
Sixapart Movable Type
6.1
CVSSv3
CVE-2020-5575
Cross-site scripting vulnerability in Movable Type series (Movable Type 7 r.4606 (7.2.1) and previous versions (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and previous versions (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and previous versions (Mo...
Sixapart Movable Type
NA
CVE-2012-1503
Cross-site scripting (XSS) vulnerability in Six Apart (formerly Six Apart KK) Movable Type (MT) Pro 5.13 allows remote malicious users to inject arbitrary web script or HTML via the comment section.
Sixapart Movable Type 5.13
1 EDB exploit
NA
CVE-2015-1592
Movable Type Pro, Open Source, and Advanced prior to 5.2.12 and Pro and Advanced 6.0.x prior to 6.0.7 does not properly use the Perl Storable::thaw function, which allows remote malicious users to include and execute arbitrary local Perl files and possibly execute arbitrary code ...
Debian Debian Linux 7.0
Sixapart Movable Type
1 EDB exploit
NA
CVE-2010-3922
SQL injection vulnerability in Movable Type 4.x prior to 4.35 and 5.x prior to 5.04 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Sixapart Movabletype 4.23
Sixapart Movabletype 4.25
Sixapart Movabletype 4.33
Sixapart Movabletype 4.34
Sixapart Movabletype 4.0
Sixapart Movabletype 4.3
Sixapart Movabletype 4.31
Sixapart Movabletype 5.031
Sixapart Movabletype 4.26
Sixapart Movabletype 4.261
Sixapart Movabletype 5.02
Sixapart Movabletype 5.03
Sixapart Movabletype 4.1
Sixapart Movabletype 4.2
Sixapart Movabletype 4.32
Sixapart Movabletype 5.0
Sixapart Movabletype 5.01
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »