Weak Permissions Vulnerability in SKYARC MTCMS and Movable Type Plugins

Weak Permissions Vulnerability in SKYARC MTCMS and Movable Type Plugins

CVE-2011-3993 · MEDIUM Severity

AV:N/AC:L/AU:S/C:N/I:P/A:P

SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, DuplicateEntry 1.2 and earlier, MailPack 1.741 and earlier, and AutoTagging 0.08 and earlier plugins for Movable Type, uses weak permissions, which allows remote authenticated users to modify files and settings via unspecified vectors.

Learn more about our Cms Pen Testing.