Unrated severityNVD Advisory· Published Dec 16, 2014· Updated Jun 17, 2026
CVE-2014-9057
CVE-2014-9057
Description
SQL injection vulnerability in the XML-RPC interface in Movable Type before 5.18, 5.2.x before 5.2.11, and 6.x before 6.0.6 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
19cpe:2.3:a:sixapart:movable_type:*:*:*:*:*:*:*:*+ 16 more
- cpe:2.3:a:sixapart:movable_type:*:*:*:*:*:*:*:*range: <=5.17
- cpe:2.3:a:sixapart:movable_type:5.2:*:*:*:*:*:*:*
- cpe:2.3:a:sixapart:movable_type:5.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:sixapart:movable_type:5.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:sixapart:movable_type:5.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:sixapart:movable_type:5.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:sixapart:movable_type:5.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:sixapart:movable_type:5.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:sixapart:movable_type:5.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:sixapart:movable_type:5.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:sixapart:movable_type:5.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:sixapart:movable_type:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:sixapart:movable_type:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:sixapart:movable_type:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:sixapart:movable_type:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:sixapart:movable_type:6.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:sixapart:movable_type:6.0.5:*:*:*:*:*:*:*
- Range: <5.18; 5.2.x <5.2.11; 6.x <6.0.6
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.