Lucene search

[email protected]CVE-2013-0209

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2013-0209

2022-10-0316:15:04

CWE-287

[email protected]

web.nvd.nist.gov

cve

movable type

auth bypass

sql injection

eval injection

database migration

nvd

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.116 Low

EPSS

Percentile

95.3%

JSON

lib/MT/Upgrade.pm in mt-upgrade.cgi in Movable Type 4.2x and 4.3x through 4.38 does not require authentication for requests to database-migration functions, which allows remote attackers to conduct eval injection and SQL injection attacks via crafted parameters, as demonstrated by an eval injection attack against the core_drop_meta_for_table function, leading to execution of arbitrary Perl code.

Affected configurations

NVD

Node

sixapartmovable_typeMatch4.21

sixapartmovable_typeMatch4.22

sixapartmovable_typeMatch4.23

sixapartmovable_typeMatch4.24

sixapartmovable_typeMatch4.25

sixapartmovable_typeMatch4.26

sixapartmovable_typeMatch4.27

sixapartmovable_typeMatch4.28

sixapartmovable_typeMatch4.28enterprise

sixapartmovable_typeMatch4.28open_source

sixapartmovable_typeMatch4.29

sixapartmovable_typeMatch4.29enterprise

sixapartmovable_typeMatch4.29open_source

sixapartmovable_typeMatch4.31

sixapartmovable_typeMatch4.32

sixapartmovable_typeMatch4.33

sixapartmovable_typeMatch4.34

sixapartmovable_typeMatch4.35

sixapartmovable_typeMatch4.36

sixapartmovable_typeMatch4.37

sixapartmovable_typeMatch4.38

sixapartmovable_typeMatch4.261

sixapartmovable_typeMatch4.291

sixapartmovable_typeMatch4.291enterprise

sixapartmovable_typeMatch4.291open_source

sixapartmovable_typeMatch4.292

sixapartmovable_typeMatch4.292enterprise

sixapartmovable_typeMatch4.292open_source

sixapartmovable_typeMatch4.361

Node

sixapartmovable_typeMatch4.36open_source

sixapartmovable_typeMatch4.37open_source

sixapartmovable_typeMatch4.38open_source

sixapartmovable_typeMatch4.361open_source

CPENameOperatorVersion
sixapart:movable_typesixapart movable typeeq4.21
sixapart:movable_typesixapart movable typeeq4.22
sixapart:movable_typesixapart movable typeeq4.23
sixapart:movable_typesixapart movable typeeq4.24
sixapart:movable_typesixapart movable typeeq4.25
sixapart:movable_typesixapart movable typeeq4.26
sixapart:movable_typesixapart movable typeeq4.27
sixapart:movable_typesixapart movable typeeq4.28
sixapart:movable_typesixapart movable typeeq4.29
sixapart:movable_typesixapart movable typeeq4.31

CPE	Name	Operator	Version
sixapart:movable_type	sixapart movable type	eq	4.21
sixapart:movable_type	sixapart movable type	eq	4.22
sixapart:movable_type	sixapart movable type	eq	4.23
sixapart:movable_type	sixapart movable type	eq	4.24
sixapart:movable_type	sixapart movable type	eq	4.25
sixapart:movable_type	sixapart movable type	eq	4.26
sixapart:movable_type	sixapart movable type	eq	4.27
sixapart:movable_type	sixapart movable type	eq	4.28
sixapart:movable_type	sixapart movable type	eq	4.29
sixapart:movable_type	sixapart movable type	eq	4.31