Movable Type Multiple SQL Injection and Command Injection Vulnerabilities

Bugtraq ID: 57490
Class: Input Validation Error
CVE: CVE-2012-6315
Remote: Yes
Local: No
Published: Jan 07 2013 12:00AM
Updated: Jan 25 2013 05:50AM
Credit: Reported by the vendor.
Vulnerable: Movable Type Movable Type 4.37
Movable Type Movable Type 4.361
Movable Type Movable Type 4.36
Movable Type Movable Type 4.35
Movable Type Movable Type 4.34
Movable Type Movable Type 4.27
Movable Type Movable Type 4.261
Movable Type Movable Type 4.26
Movable Type Movable Type 4.25
Movable Type Movable Type 4.24
Movable Type Movable Type 4.23
Movable Type Movable Type 4.22
Movable Type Movable Type 4.21
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Debian Linux 6.0 amd64
Not Vulnerable: Movable Type Movable Type 4.38


 

Privacy Statement
Copyright 2010, SecurityFocus