Vulnerabilities > Sixapart > Movabletype > 4.33

DATE CVE VULNERABILITY TITLE RISK
2010-12-09 CVE-2010-4511 Unspecified vulnerability in Movable Type (CVE-2010-4511)
Unspecified vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 has unknown impact and attack vectors related to the "dynamic publishing error message."
network
low complexity
sixapart
critical
 10.0
10
2010-12-09 CVE-2010-4509 Security vulnerability in Movable Type
Multiple unspecified vulnerabilities in Movable Type 4.x before 4.35 and 5.x before 5.04 have unknown impact and attack vectors related to the (1) mt:AssetProperty and (2) mt:EntryFlag tags.
network
low complexity
sixapart
critical
 10.0
10
2010-12-09 CVE-2010-3922 SQL Injection vulnerability in Sixapart Movabletype
SQL injection vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
sixapart CWE-89
7.5
7.5
2010-12-09 CVE-2010-3921 Cross-Site Scripting vulnerability in Sixapart Movabletype
Cross-site scripting (XSS) vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
sixapart CWE-79
4.3
4.3