lib/MT/ in mt-upgrade.cgi in Movable Type 4.2x and 4.3x through 4.38 does not require authentication for requests to database-migration functions, which allows remote attackers to conduct eval injection and SQL injection attacks via crafted parameters, as demonstrated by an eval injection attack against the core_drop_meta_for_table function, leading to execution of arbitrary Perl code.
Published 2013-01-23 01:55:01
Updated 2013-01-29 05:00:00
Source Red Hat, Inc.
View at NVD,
Vulnerability category: Sql InjectionBypassGain privilege

Exploit prediction scoring system (EPSS) score for CVE-2013-0209

Probability of exploitation activity in the next 30 days EPSS Score History
~ 95 %
Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2013-0209

  • Movable Type 4.2x, 4.3x Web Upgrade Remote Code Execution
    Disclosure Date: 2013-01-07
    First seen: 2020-04-26
    This module can be used to execute a payload on MoveableType (MT) that exposes a CGI script, mt-upgrade.cgi (usually at /mt/mt-upgrade.cgi), that is used during installation and updating of the platform. The vulnerability arises due to the following propertie

CVSS scores for CVE-2013-0209

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source First Seen

CWE ids for CVE-2013-0209

  • When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
    Assigned by: (Primary)

References for CVE-2013-0209

Products affected by CVE-2013-0209

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to terms of use!