VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Mar 3, 2012· Updated Apr 29, 2026

CVE-2012-0319

CVE-2012-0319

Description

The file-management system in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote authenticated users to execute arbitrary commands by leveraging the file-upload feature, related to an "OS Command Injection" issue.

Affected products

120
  • Movabletype/Movable Type Pro30 versions
    cpe:2.3:a:movabletype:movable_type_pro:5.031:*:*:*:*:*:*:*+ 29 more
    • cpe:2.3:a:movabletype:movable_type_pro:5.031:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:5.051:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:*:*:*:*:*:*:*:*range: <=4.37
    • cpe:2.3:a:movabletype:movable_type_pro:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.0:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.1:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.01:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.2:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.23:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.25:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.26:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.31:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.32:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.33:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.34:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.35:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.36:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.261:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:4.361:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:5.02:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:5.03:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:5.04:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:5.05:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:5.06:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:5.11:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_pro:5.12:*:*:*:*:*:*:*
  • Movabletype/Movable Type Open Source30 versions
    cpe:2.3:a:movabletype:movable_type_open_source:*:*:*:*:*:*:*:*+ 29 more
    • cpe:2.3:a:movabletype:movable_type_open_source:*:*:*:*:*:*:*:*range: <=4.37
    • cpe:2.3:a:movabletype:movable_type_open_source:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.0:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.1:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.01:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.2:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.23:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.25:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.26:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.31:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.32:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.33:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.34:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.35:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.36:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.261:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:4.361:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:5.02:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:5.03:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:5.04:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:5.05:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:5.06:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:5.11:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:5.12:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:5.031:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_open_source:5.051:*:*:*:*:*:*:*
  • Movabletype/Movable Type Enterprise30 versions
    cpe:2.3:a:movabletype:movable_type_enterprise:*:*:*:*:*:*:*:*+ 29 more
    • cpe:2.3:a:movabletype:movable_type_enterprise:*:*:*:*:*:*:*:*range: <=4.37
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.0:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.01:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.1:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.2:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.23:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.25:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.26:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.31:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.32:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.33:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.34:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.35:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.36:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.261:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:4.361:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:5.02:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:5.03:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:5.04:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:5.05:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:5.06:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:5.11:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:5.12:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:5.031:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_enterprise:5.051:*:*:*:*:*:*:*
  • Movabletype/Movable Type Advanced30 versions
    cpe:2.3:a:movabletype:movable_type_advanced:*:*:*:*:*:*:*:*+ 29 more
    • cpe:2.3:a:movabletype:movable_type_advanced:*:*:*:*:*:*:*:*range: <=4.37
    • cpe:2.3:a:movabletype:movable_type_advanced:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.0:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.01:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.1:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.2:beta:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.23:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.25:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.26:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.31:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.32:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.33:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.34:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.35:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.36:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.261:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:4.361:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:5.02:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:5.03:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:5.04:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:5.05:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:5.06:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:5.11:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:5.12:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:5.031:*:*:*:*:*:*:*
    • cpe:2.3:a:movabletype:movable_type_advanced:5.051:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

7

News mentions

0

No linked articles in our index yet.