Lucene search
PRIOn knowledge basePRION:CVE-2013-0209HistoryJan 23, 2013 - 1:55 a.m.
Sql injection
2013-01-2301:55:00
PRIOn knowledge base
www.prio-n.com
7
lib/MT/Upgrade.pm in mt-upgrade.cgi in Movable Type 4.2x and 4.3x through 4.38 does not require authentication for requests to database-migration functions, which allows remote attackers to conduct eval injection and SQL injection attacks via crafted parameters, as demonstrated by an eval injection attack against the core_drop_meta_for_table function, leading to execution of arbitrary Perl code.
Related
cve
cve
CVE-2013-0209
2022-10-03 16:15:04
CVE-2012-6315
2022-10-03 16:15:28
nessus
nessus
Movable Type mt-upgrade.cgi Remote Command Execution
2013-01-25 00:00:00
Debian DSA-2611-1 : movabletype-opensource - several vulnerabilities
2013-01-23 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2611-1)
2013-01-21 00:00:00
Debian Security Advisory DSA 2611-1 (movabletype-opensource - several vulnerabilities)
2013-01-22 00:00:00
Movable Type Multiple SQL Injection and Command Injection Vulnerabilities
2013-01-31 00:00:00
seebug
seebug
Movable Type 4.2x, 4.3x Web Upgrade Remote Code Execution
2014-07-01 00:00:00
debian
debian
[SECURITY] [DSA 2611-1] movabletype-opensource security update
2013-01-22 06:35:05
checkpoint_advisories
checkpoint_advisories
Movable Type Web Upgrade Remote Code Execution (CVE-2013-0209)
2016-12-06 00:00:00
metasploit
metasploit
Movable Type 4.2x, 4.3x Web Upgrade Remote Code Execution
2013-01-22 11:58:24
securityvulns
securityvulns
[SECURITY] [DSA 2611-1] movabletype-opensource security update
2013-01-28 00:00:00
ubuntucve
ubuntucve
CVE-2013-0209
2013-01-23 00:00:00
cvelist
cvelist
CVE-2013-0209
2022-10-03 16:15:04
nvd
nvd
CVE-2013-0209
2013-01-23 01:55:01
CVE-2012-6315
2013-01-23 01:55:00
packetstorm
packetstorm
Movable Type 4.2x / 4.3x Web Upgrade Remote Code Execution
2013-01-25 00:00:00
exploitdb
exploitdb
Movable Type 4.2x/4.3x - Web Upgrade Remote Code Execution (Metasploit)
2013-01-07 00:00:00