Back to search
CVE-2005-4690
Published: Feb 1, 2006
Modified: Sep 16, 2024
PUBLISHED
Description
Six Apart Movable Type 3.16 allows local users with blog-creation privileges to create or overwrite arbitrary files of certain types (such as HTML and image files) by selecting an arbitrary directory as a blog's top-level directory. NOTE: this issue can be used in conjunction with CVE-2005-3102 to create or overwrite arbitrary files of all types.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20051103 Buggy blogging
mailing-list
x_refsource_FULLDISC
15302
vdb-entry
x_refsource_BID
16899
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now