Loading
SQL injection vulnerability in the XML-RPC interface in Movable Type Pro and Advanced 6.x before 6.1.3 and 6.2.x before 6.2.6 and Movable Type Open Source 5.2.13 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Use CWE-89, Sixapart vendor hub and Movable Type product page to widen CVE-2016-5742 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2022-38078, CVE-2021-20837 and CVE-2026-25776 for nearby disclosures in the same product family.