CVE-2010-3922

Published Dec 9, 2010

Last updated 3 months ago

CVSS info 7.5

Overview

Description: SQL injection vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Source: vultures@jpcert.or.jp
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-89

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:sixapart:movabletype:4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8FC86B27-E526-481B-9840-8CC2765FCA44"
          },
          {
            "criteria": "cpe:2.3:a:sixapart:movabletype:4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EE55B1A6-5088-4308-A324-995A697CFA5E"
          },
          {
            "criteria": "cpe:2.3:a:sixapart:movabletype:4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A414C73F-C8E3-424E-8A59-932A767F5FB4"
          },
          {
            "criteria": "cpe:2.3:a:sixapart:movabletype:4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "735BEFA2-07E3-4040-9E61-0DA4A5563AC6"
          },
          {
            "criteria": "cpe:2.3:a:sixapart:movabletype:4.23:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02A2E180-EE8E-4F1F-8942-1AE52A7136CC"
          },
          {
            "criteria": "cpe:2.3:a:sixapart:movabletype:4.25:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9CBFF9B6-8600-4E64-A47D-FF470EDA2BAC"
          },
          {
            "criteria": "cpe:2.3:a:sixapart:movabletype:4.26:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66E75D18-2099-40E9-8DE8-A596716DA474"
          },
          {
            "criteria": "cpe:2.3:a:sixapart:movabletype:4.31:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E8210508-9185-4AF3-AF60-DBB006B82C08"
          },
          {
            "criteria": "cpe:2.3:a:sixapart:movabletype:4.32:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02871C60-E082-465B-A907-8583FB1223B2"
          },
          {
            "criteria": "cpe:2.3:a:sixapart:movabletype:4.33:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BEA2FA53-7C32-4A73-A161-C64D21603F45"
          },
          {
            "criteria": "cpe:2.3:a:sixapart:movabletype:4.34:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B35AB3E-C117-43C1-AA02-6EA6A50FDE3A"
          },
          {
            "criteria": "cpe:2.3:a:sixapart:movabletype:4.261:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1DC10F85-874F-4317-BE3C-F8F0FFF3176A"
          },
          {
            "criteria": "cpe:2.3:a:sixapart:movabletype:5.0:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "77E0EB61-EE1A-4FA3-A644-81F0A551987D"
          },
          {
            "criteria": "cpe:2.3:a:sixapart:movabletype:5.01:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "12468D6E-01F2-4AE4-9E6A-F096FB12DF2D"
          },
          {
            "criteria": "cpe:2.3:a:sixapart:movabletype:5.02:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C783A30-16F4-42B1-A180-0E6E9988C365"
          },
          {
            "criteria": "cpe:2.3:a:sixapart:movabletype:5.03:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "ACB4D3BC-5B51-4F04-8991-4CFADBCD52DA"
          },
          {
            "criteria": "cpe:2.3:a:sixapart:movabletype:5.031:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30E2D15B-83EB-47B8-9D41-B49C6430463A"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References