Arbitrary SQL Command Execution in Movable Type XML-RPC Interface
CVE-2014-9057 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
SQL injection vulnerability in the XML-RPC interface in Movable Type before 5.18, 5.2.x before 5.2.11, and 6.x before 6.0.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Learn more about our Web Application Penetration Testing UK.