VYPR
Unrated severityNVD Advisory· Published Nov 3, 2011· Updated Jun 16, 2026

CVE-2011-2676

CVE-2011-2676

Description

The A-Form and A-Form bamboo before 1.3.6 and 2.x before 2.0.3, and A-Form PC and PC/Mobile before 3.1, plug-ins for Movable Type do not require administrative authentication, which allows remote authenticated users to modify data via unspecified vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

8
  • Ark Web/A Form2 versions
    cpe:2.3:a:ark-web:a-form:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:ark-web:a-form:*:*:*:*:*:*:*:*range: <=1.3.5
    • cpe:2.3:a:ark-web:a-form:2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ark-web:a-form_bamboo:1.3.5:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:ark-web:a-form_bamboo:1.3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ark-web:a-form_bamboo:2.0.2:*:*:*:*:*:*:*
    • (no CPE)range: <1.3.6 (1.x), <2.0.3 (2.x)
  • cpe:2.3:a:ark-web:a-form_pc:*:*:*:*:*:*:*:*
    Range: <=3.0
  • cpe:2.3:a:ark-web:a-form_pc_mobile:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:ark-web:a-form_pc_mobile:*:*:*:*:*:*:*:*range: <=3.0
    • (no CPE)range: <3.1

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.