All vulnerabilities
43 / 43
Sort
9.8
CVE-2021-20837DEB
Movable Type 7 r.5002 and earlier (Movable Type 7 Series), Movable Type 6.8.2 and earlier (Mova…
2021-01-01Pre-auth
EPSS88.1%
pct 99
7.5
CVE-2015-1592DEB
Movable Type Pro, Open Source, and Advanced before 5.2.12 and Pro and Advanced 6.0.x before 6.0…
2015-01-01
EPSS75.0%
pct 99
7.5
CVE-2013-0209DEB
lib/MT/Upgrade.pm in mt-upgrade.cgi in Movable Type 4.2x and 4.3x through 4.38 does not require…
2013-01-01
EPSS45.2%
pct 98
7.5
CVE-2013-2184DEB
Movable Type before 5.2.6 does not properly use the Storable::thaw function, which allows remot…
2013-01-01
EPSS3.6%
pct 88
7.5
CVE-2012-0320DEB
Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote attackers to tak…
2012-01-01
EPSS2.7%
pct 84
7.5
CVE-2011-5085DEB
Unspecified vulnerability in Movable Type 4.x before 4.36 and 5.x before 5.05 allows remote att…
2011-01-01
EPSS2.0%
pct 78
4.3
CVE-2012-1503CVE
Cross-site scripting (XSS) vulnerability in Six Apart (formerly Six Apart KK) Movable Type (MT)…
2012-01-01
EPSS2.0%
pct 78
7.5
CVE-2014-9057DEB
SQL injection vulnerability in the XML-RPC interface in Movable Type before 5.18, 5.2.x before …
2014-01-01
EPSS2.0%
pct 78
9.8
CVE-2022-38078DEB
Movable Type XMLRPC API provided by Six Apart Ltd. contains a command injection vulnerability. …
2022-01-01Pre-auth
EPSS1.9%
pct 76
8.8
CVE-2020-5577DEB
Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type A…
2020-01-01
EPSS1.7%
pct 74
9.8
CVE-2016-5742DEB
SQL injection vulnerability in the XML-RPC interface in Movable Type Pro and Advanced 6.x befor…
2016-01-01Pre-auth
EPSS1.6%
pct 73
4.3
CVE-2011-5084DEB
Cross-site scripting (XSS) vulnerability in Movable Type 4.x before 4.36 and 5.x before 5.05 al…
2011-01-01
EPSS1.4%
pct 69
10.0
CVE-2009-0752DEB
Unspecified vulnerability in Movable Type Pro and Community Solution 4.x before 4.24 has unknow…
2009-01-01
EPSS1.4%
pct 68
5.8
CVE-2009-2481CVE
mt-wizard.cgi in Six Apart Movable Type before 4.261, when global templates are not initialized…
2009-01-01
EPSS1.2%
pct 65
4.3
CVE-2010-1985CVE
Multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface in Six…
2010-01-01
EPSS1.2%
pct 64
4.3
CVE-2008-5808CVE
Cross-site scripting (XSS) vulnerability in Six Apart Movable Type Enterprise (MTE) 1.x before …
2008-01-01
EPSS1.2%
pct 64
5.3
CVE-2020-5574DEB
HTML attribute value injection vulnerability in Movable Type series (Movable Type 7 r.4606 (7.2…
2020-01-01Pre-auth
EPSS1.2%
pct 64
4.3
CVE-2007-6751CVE
Cross-site scripting (XSS) vulnerability in the MailForm plugin before 1.20 for Movable Type al…
2007-01-01
EPSS1.1%
pct 62
6.8
CVE-2012-0317DEB
Multiple cross-site request forgery (CSRF) vulnerabilities in Movable Type before 4.38, 5.0x be…
2012-01-01
EPSS1.1%
pct 61
2.6
CVE-2009-2492DEB
Cross-site scripting (XSS) vulnerability in mt-wizard.cgi in Six Apart Movable Type before 4.26…
2009-01-01
EPSS1.1%
pct 60
4.3
CVE-2008-5845DEB
Multiple cross-site scripting (XSS) vulnerabilities in Six Apart Movable Type (MT) before 4.23 …
2008-01-01
EPSS1.1%
pct 59
4.0
CVE-2008-5846DEB
Six Apart Movable Type (MT) before 4.23 allows remote authenticated users with create permissio…
2008-01-01
EPSS1.0%
pct 58
7.2
CVE-2022-43660DEB
Improper neutralization of Server-Side Includes (SSW) within a web page in Movable Type series …
2022-01-01
EPSS1.0%
pct 57
6.1
CVE-2020-5575DEB
Cross-site scripting vulnerability in Movable Type series (Movable Type 7 r.4606 (7.2.1) and ea…
2020-01-01Pre-auth
EPSS0.9%
pct 56
6.1
CVE-2021-20814DEB
Cross-site scripting vulnerability in Setting screen of ContentType Information Widget Plugin o…
2021-01-01Pre-auth
EPSS0.9%
pct 55
6.1
CVE-2021-20810DEB
Cross-site scripting vulnerability in Website Management screen of Movable Type (Movable Type 7…
2021-01-01Pre-auth
EPSS0.9%
pct 55
6.1
CVE-2021-20815DEB
Cross-site scripting vulnerability in Edit Boilerplate screen of Movable Type (Movable Type 7 r…
2021-01-01Pre-auth
EPSS0.9%
pct 54
6.1
CVE-2021-20813DEB
Cross-site scripting vulnerability in Edit screen of Content Data of Movable Type (Movable Type…
2021-01-01Pre-auth
EPSS0.9%
pct 54
6.1
CVE-2021-20812DEB
Cross-site scripting vulnerability in Setting screen of Server Sync of Movable Type (Movable Ty…
2021-01-01Pre-auth
EPSS0.9%
pct 54
6.1
CVE-2021-20811DEB
Cross-site scripting vulnerability in List of Assets screen of Movable Type (Movable Type 7 r.4…
2021-01-01Pre-auth
EPSS0.9%
pct 54
6.1
CVE-2021-20809DEB
Cross-site scripting vulnerability in Create screens of Entry, Page, and Content Type of Movabl…
2021-01-01Pre-auth
EPSS0.9%
pct 54
6.1
CVE-2021-20808DEB
Cross-site scripting vulnerability in Search screen of Movable Type (Movable Type 7 r.4903 and …
2021-01-01Pre-auth
EPSS0.9%
pct 54
6.1
CVE-2019-6025DEB
Open redirect vulnerability in Movable Type series Movable Type 7 r.4602 (7.1.3) and earlier (M…
2019-01-01Pre-auth
EPSS0.9%
pct 53
8.8
CVE-2020-5576DEB
Cross-site request forgery (CSRF) vulnerability in Movable Type series (Movable Type 7 r.4606 (…
2020-01-01Pre-auth
EPSS0.8%
pct 53
6.1
CVE-2020-5528DEB
Cross-site scripting vulnerability in Movable Type series (Movable Type 7 r.4603 and earlier (M…
2020-01-01Pre-auth
EPSS0.8%
pct 52
6.1
CVE-2018-0672DEB
Cross-site scripting vulnerability in Movable Type versions prior to Ver. 6.3.1 allows remote a…
2018-01-01Pre-auth
EPSS0.8%
pct 52
6.5
CVE-2022-45113DEB
Improper validation of syntactic correctness of input vulnerability exist in Movable Type serie…
2022-01-01Pre-auth
EPSS0.6%
pct 44
5.4
CVE-2020-5669DEB
Cross-site scripting vulnerability in Movable Type Movable Type Premium 1.37 and earlier and Mo…
2020-01-01
EPSS0.6%
pct 43
6.1
CVE-2022-45122DEB
Cross-site scripting vulnerability in Movable Type Movable Type 7 r.5301 and earlier (Movable T…
2022-01-01Pre-auth
EPSS0.5%
pct 39
9.3
CVE-2026-25776ANC
Movable Type provided by Six Apart Ltd. contains a code injection vulnerability which may allow…
2026-01-01Pre-auth
EPSS0.5%
pct 36
Select a vulnerability on the left to open the preview.