Lucene search

K
cvelistRedhatCVELIST:CVE-2013-0209
HistoryOct 03, 2022 - 4:15 p.m.

CVE-2013-0209

2022-10-0316:15:04
redhat
www.cve.org

7.6 High

AI Score

Confidence

Low

0.116 Low

EPSS

Percentile

95.3%

lib/MT/Upgrade.pm in mt-upgrade.cgi in Movable Type 4.2x and 4.3x through 4.38 does not require authentication for requests to database-migration functions, which allows remote attackers to conduct eval injection and SQL injection attacks via crafted parameters, as demonstrated by an eval injection attack against the core_drop_meta_for_table function, leading to execution of arbitrary Perl code.

7.6 High

AI Score

Confidence

Low

0.116 Low

EPSS

Percentile

95.3%