Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:10 a.m.7 views

CVE-2013-0209

lib/MT/Upgrade.pm in mt-upgrade.cgi in Movable Type 4.2x and 4.3x through 4.38 does not require authentication for requests to database-migration functions, which allows remote attackers to conduct eval injection and SQL injection attacks via crafted parameters, as demonstrated by an eval injecti...

7.5CVSS8.3AI score0.45201EPSS
Exploits5References1
Check Point Advisories
Check Point Advisories
added 2016/12/06 12:0 a.m.42 views

Movable Type Web Upgrade Remote Code Execution (CVE-2013-0209)

A script injection and execution vulnerability has been reported in Movable Type. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary Perl code and SQL commands on the affected system...

7.5CVSS4.4AI score0.45201EPSS
Exploits5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.38 views

Movable Type 4.2x, 4.3x Web Upgrade Remote Code Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit4...

7.5CVSS0.1AI score0.45201EPSS
Exploits5
securityvulns
securityvulns
added 2013/01/28 12:0 a.m.71 views

[SECURITY] [DSA 2611-1] movabletype-opensource security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2611-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez January 22, 2013 http://www.debian.org/security/faq -...

7.5CVSS1.6AI score0.45201EPSS
Exploits5
Cvelist
Cvelist
added 2013/01/23 1:0 a.m.32 views

CVE-2013-0209

lib/MT/Upgrade.pm in mt-upgrade.cgi in Movable Type 4.2x and 4.3x through 4.38 does not require authentication for requests to database-migration functions, which allows remote attackers to conduct eval injection and SQL injection attacks via crafted parameters, as demonstrated by an eval injecti...

7.6AI score0.45201EPSS
Exploits5References4
Circl
Circl
added 2013/01/07 12:0 a.m.11 views

CVE-2013-0209

creationtimestamp| type| source ---|---|--- 2013-01-07 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/24321 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/movabletypeupgradeexec.rb 2025-02-06 03:13:41+00:00|...

7.5CVSS5.7AI score0.45201EPSS
Exploits5References2
Exploit DB
Exploit DB
added 2013/01/07 12:0 a.m.44 views

Movable Type 4.2x/4.3x - Web Upgrade Remote Code Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit4 'Movable Type 4.2x, 4.3x Web Upgrade...

7AI score
Exploits0
Rows per page
Query Builder