mt-wizard.cgi in Six Apart Movable Type prior to 4.261, when global templates are not initialized, allows remote malicious users to bypass access restrictions and (1) send e-mail to arbitrary addresses or (2) obtain sensitive information via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sixapart movable type 4.21 |
||
sixapart movable type 4.1 |
||
sixapart movable type 4.01 |
||
sixapart movable type 3.34 |
||
sixapart movable type 3.33 |
||
sixapart movable type 3.14 |
||
sixapart movable type 3.12 |
||
sixapart movable type 3.11 |
||
sixapart movable type 1.3 |
||
sixapart movable type 1.2 |
||
six apart movable type 4.20 |
||
six apart movable type 3.36 |
||
six apart movable type 2.6 |
||
six apart movable type 1.54 |
||
sixapart movable type 4.23 |
||
sixapart movable type 4.12 |
||
sixapart movable type 4.0 |
||
sixapart movable type 3.35 |
||
sixapart movable type 3.16 |
||
sixapart movable type 3.15 |
||
sixapart movable type 1.4 |
||
sixapart movable type 1.31 |
||
six apart movable type 3.16 |
||
six apart movable type 2.63 |
||
sixapart movable type 4.25 |
||
sixapart movable type 4.2 |
||
sixapart movable type 3.2 |
||
sixapart movable type 3.17 |
||
sixapart movable type 3.01d |
||
sixapart movable type 1.5 |
||
six apart movable type 4.25 |
||
six apart movable type 3.3 |
||
six apart movable type 3.17 |
||
sixapart movable type |
||
sixapart movable type 3.32 |
||
sixapart movable type 3.3 |
||
sixapart movable type 3.1 |
||
sixapart movable type 3.0d |
||
sixapart movable type 1.1 |
||
sixapart movable type 1.00 |
||
six apart movable type 3.33 |
||
six apart movable type 3.32 |