Search Results (Refine Search)
- CPE Product Version: cpe:/a:sixapart:movable_type:4.0:beta2
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2011-5085 |
Unspecified vulnerability in Movable Type 4.x before 4.36 and 5.x before 5.05 allows remote attackers to read or modify data via unknown vectors. Published: April 02, 2012; 2:55:00 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2011-5084 |
Cross-site scripting (XSS) vulnerability in Movable Type 4.x before 4.36 and 5.x before 5.05 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Published: April 02, 2012; 2:55:00 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2012-0320 |
Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote attackers to take control of sessions via unspecified vectors related to the (1) commenting feature and (2) community script. Published: March 02, 2012; 11:04:57 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2012-0317 |
Multiple cross-site request forgery (CSRF) vulnerabilities in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allow remote attackers to hijack the authentication of arbitrary users for requests that modify data via the (1) commenting feature or (2) community script. Published: March 02, 2012; 11:04:57 PM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |