CVE-2026-25776

Movable Type provided by Six Apart Ltd. contains a code injection vulnerability which may allow an attacker to execute arbitrary Perl script...

CVE-2026-25776

Movable Type provided by Six Apart Ltd. contains a code injection vulnerability which may allow an attacker to execute arbitrary Perl script...

PT-2026-31107

Name of the Vulnerable Software and Affected Versions Movable Type affected versions not specified Description Movable Type contains a code injection vulnerability that could allow an attacker to execute arbitrary Perl script. This could lead to webshell access. Recommendations At the moment, the...

Six Apart Movable Type 代码注入漏洞

Six Apart Movable Type is an application system developed by the Six Apart company in the United States. It offers features such as multi-user access, comments, Trackbacks, and themes. Six Apart Movable Type has a code injection vulnerability; this vulnerability can be exploited by code injection...

EUVD-2006-3813

Malware in sbrugna...

CVE-2009-2946

Eval injection vulnerability in scripts/uscan.pl before Rev 1984 in devscripts allows remote attackers to execute arbitrary Perl code via crafted pathnames on distribution servers for upstream source code used in Debian GNU/Linux packages...

RHEL 6 / 7 : rh-perl524-mod_perl (RHSA-2018:2826)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2826 advisory. - modperl: arbitrary Perl code execution in the context of the user account via a user-owned .htaccess CVE-2011-2767 Note that Nessus has not...

CVE-2022-43660

Improper neutralization of Server-Side Includes SSW within a web page in Movable Type series allows a remote authenticated attacker with Privilege of 'Manage of Content Types' may execute an arbitrary Perl script and/or an arbitrary OS command. Affected products/versions are as follows: Movable...

Six Apart Movable Type 代码注入漏洞

Six Apart Movable Type is an application from Six Apart USA. It provides features such as multiple users, comments, trackbacks, and threads. A security vulnerability exists in Six Apart Movable Type, which can be exploited to execute arbitrary Perl scripts and/or arbitrary operating system comman...

CVE-2022-33941

PowerCMS XMLRPC API provided by Alfasado Inc. contains a command injection vulnerability. Sending a specially crafted message by POST method to PowerCMS XMLRPC API may allow arbitrary Perl script execution, and an arbitrary OS command may be executed through it. Affected products/versions are as...

PowerCMS XMLRPC API vulnerable to command injection

Overview PowerCMS XMLRPC API provided by Alfasado Inc. contains a command injection vulnerability CWE-74. Sending a specially crafted message by POST method to PowerCMS XMLRPC API may allow arbitrary Perl script execution, and an arbitrary OS command may be executed through it. According to the...

CVE-2013-1437

Eval injection vulnerability in the Module-Metadata module before 1.000015 for Perl allows remote attackers to execute arbitrary Perl code via the $Version value...

NewStart CGSL MAIN 4.05 : mod_perl Vulnerability (NS-SA-2019-0134)

The remote NewStart CGSL host, running version MAIN 4.05, has modperl packages installed that are affected by a vulnerability: - modperl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because contrary to the documentation there is ...

Fedora 29 : mod_perl (2018-f6a5b71464)

This release fixes CVE-2011-2767 vulnerability an arbitrary Perl code execution in the context of the httpd server by disabling sections in non-server-level configuration. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system...

Fedora 28 : mod_perl (2018-0ddef94854)

This release fixes CVE-2011-2767 vulnerability an arbitrary Perl code execution in the context of the httpd server by disabling sections in non-server-level configuration. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system...

USN-3825-2: mod_perl vulnerability

USN-3825-1 fixed a vulnerability in modperl. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Jan Ingvoldstad discovered that modperl incorrectly handled configuration options to disable being used by unprivileged users, contrary to the documentation....

USN-3825-1: mod_perl vulnerability

Jan Ingvoldstad discovered that modperl incorrectly handled configuration options to disable being used by unprivileged users, contrary to the documentation. A local attacker could possibly use this issue to execute arbitrary Perl code...

CentOS Update for mod_perl CESA-2018:2737 centos6

Check the version of modperl SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882952";...

[SECURITY] [DLA 1507-1] libapache2-mod-perl2 security update

Package : libapache2-mod-perl2 Version : 2.0.91624218-2+deb8u3 CVE ID : CVE-2011-2767 Debian Bug : 644169 Jan Ingvoldstad discovered that libapache2-mod-perl2 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because contrary to the documentation there ...

CVE-2015-0898

futomi CGI Cafe MP Form Mail CGI eCommerce before 2.0.12 on Windows allows remote attackers to execute arbitrary Perl code via unspecified vectors...