SKYARC MTCMS before 5.252, and the MultiFileUploader 0.44 and earlier, DuplicateEntry 1.2 and earlier, MailPack 1.741 and earlier, and AutoTagging 0.08 and earlier plugins for Movable Type, uses weak permissions, which allows remote authenticated users to modify files and settings via unspecified vectors.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:31
Type | Values Removed | Values Added |
---|---|---|
References | () http://jvn.jp/en/jp/JVN41032068/index.html - | |
References | () http://jvndb.jvn.jp/jvndb/JVNDB-2011-000093 - | |
References | () http://www.mtcms.jp/news/product/201110131921.html - |
Information
Published : 2011-11-03 17:55
Updated : 2024-11-21 01:31
NVD link : CVE-2011-3993
Mitre link : CVE-2011-3993
CVE.ORG link : CVE-2011-3993
JSON object : View
Products Affected
skyarc
- mtcms
- autotagging
- mailpack
- duplicateentry
- multifileuploader
CWE
CWE-264
Permissions, Privileges, and Access Controls