Vulnerability Details CVE-2011-2676
The A-Form and A-Form bamboo before 1.3.6 and 2.x before 2.0.3, and A-Form PC and PC/Mobile before 3.1, plug-ins for Movable Type do not require administrative authentication, which allows remote authenticated users to modify data via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 73.4%
CVSS Severity
CVSS v2 Score 5.5
Products affected by CVE-2011-2676
-
cpe:2.3:a:ark-web:a-form:*
-
cpe:2.3:a:ark-web:a-form:2.0.2
-
cpe:2.3:a:ark-web:a-form_bamboo:1.3.5
-
cpe:2.3:a:ark-web:a-form_bamboo:2.0.2
-
cpe:2.3:a:ark-web:a-form_pc:*
-
cpe:2.3:a:ark-web:a-form_pc_mobile:*
-
cpe:2.3:a:six_apart:movable_type:*