Описание
Movable Type before 5.2.6 does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via the comment_state parameter.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 5.2.5 (включая)
cpe:2.3:a:sixapart:movable_type:*:*:*:*:*:*:*:*
EPSS
Процентиль: 87%
0.03196
Низкий
7.5 High
CVSS2
Дефекты
CWE-17
Связанные уязвимости
ubuntu
почти 11 лет назад
Movable Type before 5.2.6 does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via the comment_state parameter.
debian
почти 11 лет назад
Movable Type before 5.2.6 does not properly use the Storable::thaw fun ...
github
больше 3 лет назад
Movable Type before 5.2.6 does not properly use the Storable::thaw function, which allows remote attackers to execute arbitrary code via the comment_state parameter.
EPSS
Процентиль: 87%
0.03196
Низкий
7.5 High
CVSS2
Дефекты
CWE-17