Vulnerabilities > SIX Apart > Movable Type > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-07-17 | CVE-2009-2492 | Cross-Site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in mt-wizard.cgi in Six Apart Movable Type before 4.261 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2009-2480. | 2.6 |
| 2008-10-21 | CVE-2008-4634 | Cross-Site Scripting vulnerability in SIX Apart Movable Type 4/4.20 Cross-site scripting (XSS) vulnerability in Movable Type 4 through 4.21 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to the administrative page, a different vulnerability than CVE-2008-4079. | 3.5 |
| 2005-12-31 | CVE-2005-4690 | Unspecified vulnerability in SIX Apart Movable Type 3.16 Six Apart Movable Type 3.16 allows local users with blog-creation privileges to create or overwrite arbitrary files of certain types (such as HTML and image files) by selecting an arbitrary directory as a blog's top-level directory. | 2.1 |
| 2005-09-28 | CVE-2005-3104 | Remote Security vulnerability in SIX Apart Movable Type 3.16 mt-comments.cgi in Movable Type before 3.2 allows attackers to redirect users to other web sites via URLs in comments. | 2.6 |