8 matches found
[SECURITY] [DSA 3183-1] movabletype-opensource security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3183-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 12, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3183-1] movabletype-opensource security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3183-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 12, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DSA 3183-1] movabletype-opensource security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3183-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 12, 2015 http://www.debian.org/security/faq -...
Debian Security Advisory DSA 3183-1 (movabletype-opensource - security update)
Multiple vulnerabilities have been discovered in Movable Type, a blogging system. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-2184 Unsafe use of Storable::thaw in the handling of comments to blog posts could allow remote attackers to include and...
CVE-2014-9057
SQL injection vulnerability in the XML-RPC interface in Movable Type before 5.18, 5.2.x before 5.2.11, and 6.x before 6.0.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2014-9057
SQL injection vulnerability in the XML-RPC interface in Movable Type before 5.18, 5.2.x before 5.2.11, and 6.x before 6.0.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2014-9057
Summary of CVE-2014-9057 (Movable Type SQLi) : A SQL injection in the XML-RPC interface of Movable Type affected versions including 5.x up to 5.18, 5.2.x prior to 5.2.11, and 6.x prior to 6.0.6. The vulnerability allowed remote attackers to execute arbitrary SQL commands via unspecified vectors. ...
MovableType Unsanitized Input SQL Injection (CVE-2014-9057)
An SQL injection vulnerability was discovered in Movable Type. This vulnerability allows unauthenticated attackers to execute SQL code on the server...