Arbitrary Code Execution Vulnerability in Movable Type Pro and Advanced
CVE-2015-1592 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
Movable Type Pro, Open Source, and Advanced before 5.2.12 and Pro and Advanced 6.0.x before 6.0.7 does not properly use the Perl Storable::thaw function, which allows remote attackers to include and execute arbitrary local Perl files and possibly execute arbitrary code via unspecified vectors.
Learn more about our Open Source Audit.