8 matches found

Tenable Nessus
added 2012/03/05 12:0 a.m., 27 views

Debian DSA-2423-1 : movabletype-opensource - several vulnerabilities

Several vulnerabilities were discovered in Movable Type, a blogging system: Under certain circumstances, a user who has 'Create Entries' or 'Manage Blog' permissions may be able to read known files on the local file system. The file management system contains shell command injection...

CVSS 7.5, AI score 5.9, EPSS 0.02674
Exploits: 2, References: 12
Japan Vulnerability Notes
added 2012/02/23 5:20 a.m., 0 views

Movable Type vulnerable to cross-site scripting

Overview: Movable Type contains a cross-site scripting vulnerability. mt-wizard.cgi and Movable Type templates contain a cross-site scripting vulnerability. Impact: An arbitrary script may be executed on the user's web browser. Solution: Update the software. Update to the latest version of each produ...

CVSS 4.3, AI score 6.2, EPSS 0.00516
Exploits: 1, References: 5
NVD
added 2009/07/17 4:30 p.m., 10 views

CVE-2009-2492

Cross-site scripting (XSS) vulnerability in mt-wizard.cgi in Six Apart Movable Type before 4.261 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2009-2480...

CVSS 2.6, AI score 5.6, EPSS 0.00357
Exploits: 0, References: 5
CVE
added 2009/07/17 4:0 p.m., 55 views

CVE-2009-2492

CVE-2009-2492 describes a cross-site scripting (XSS) vulnerability in the Movable Type web application, specifically in the mt-wizard.cgi component. Affected software is Six Apart Movable Type prior to version 4.261. The vulnerability allows remote attackers to inject arbitrary web script or HTML...

CVSS 2.6, AI score 5.7, EPSS 0.00357
Exploits: 0, References: 5, Affected Software: 3
NVD
added 2009/07/16 4:30 p.m., 9 views

CVE-2009-2481

mt-wizard.cgi in Six Apart Movable Type before 4.261, when global templates are not initialized, allows remote attackers to bypass access restrictions and (1) send e-mail to arbitrary addresses or (2) obtain sensitive information via unspecified vectors...

CVSS 5.8, AI score 6.6, EPSS 0.00349
Exploits: 0, References: 6
CVE
added 2009/07/16 4:0 p.m., 53 views

CVE-2009-2480

CVE-2009-2480 is an XSS in Movable Type’s mt-wizard.cgi affecting versions 4.24 and 4.25 when global templates are not initialized. The vulnerability arises from unsanitized input in the set_static_uri_to parameter, enabling a remote attacker to inject arbitrary script or HTML. Nessus NASL notes ...

CVSS 4.3, AI score 5.7, EPSS 0.00516
Exploits: 0, References: 7, Affected Software: 1
CVE
added 2009/07/16 4:0 p.m., 52 views

CVE-2009-2481

Summary: CVE-2009-2481 affects Movable Type prior to 4.261. When global templates are not initialized, mt-wizard.cgi allows remote bypass of access restrictions, enabling (1) sending email to arbitrary addresses and (2) obtaining sensitive information via unspecified vectors. Affected software: M...

CVSS 5.8, AI score 6.7, EPSS 0.00349
Exploits: 0, References: 6, Affected Software: 2
Tenable Nessus
added 2009/06/26 12:0 a.m., 25 views

Movable Type mt-wizard.cgi set_static_uri_to Parameter XSS

The version of Movable Type running on the remote host has a cross-site scripting vulnerability in 'mt-wizard.cgi'. Input to the 'set_static_uri_to' parameter is not sanitized. A remote attacker could exploit this by tricking a user into submitting a specially crafted POST request, which would...

CVSS 4.3, AI score 5.9, EPSS 0.00516
Exploits: 0, References: 2