Lucene search
HistoryMar 27, 2015 - 2:59 p.m.
CVE-2013-2184
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.5 High
AI Score
Confidence
Low
0.025 Low
EPSS
Percentile
90.2%
Movable Type before 5.2.6 does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via the comment_state parameter.
Affected configurations
Node
sixapartmovable_typeRange≤5.2.5
Related
cve
cve
CVE-2013-2184
2015-03-27 14:59:00
openvas
openvas
Movable Type Arbitrary Code Execution Vulnerability
2015-04-13 00:00:00
Debian: Security Advisory (DSA-3183-1)
2015-03-11 00:00:00
ubuntucve
ubuntucve
CVE-2013-2184
2015-03-27 00:00:00
prion
prion
Code injection
2015-03-27 14:59:00
cvelist
cvelist
CVE-2013-2184
2015-03-27 14:00:00
nessus
nessus
Movable Type 5.2.X < 5.2.6 Unspecified Vulnerability
2013-07-24 00:00:00
Debian DSA-3183-1 : movabletype-opensource - security update
2015-03-13 00:00:00
debian
debian
[SECURITY] [DSA 3183-1] movabletype-opensource security update
2015-03-12 15:22:32
[SECURITY] [DSA 3183-1] movabletype-opensource security update
2015-03-12 15:22:32
securityvulns
securityvulns
[SECURITY] [DSA 3183-1] movabletype-opensource security update
2015-03-23 00:00:00
osv
osv
movabletype-opensource - security update
2015-03-12 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.5 High
AI Score
Confidence
Low
0.025 Low
EPSS
Percentile
90.2%
Related for NVD:CVE-2013-2184