Multiple vulnerabilities have been discovered in Movable Type, a blogging system. The Common Vulnerabilities and Exposures project identifies the following problems:
CVE-2013-2184
Unsafe use of Storable::thaw in the handling of comments to blog
posts could allow remote attackers to include and execute arbitrary
local Perl files or possibly remotely execute arbitrary code.
CVE-2014-9057
Netanel Rubin from Check Point Software Technologies discovered a
SQL injection vulnerability in the XML-RPC interface allowing
remote attackers to execute arbitrary SQL commands.
CVE-2015-1592
The Perl Storable::thaw function is not properly used, allowing
remote attackers to include and execute arbitrary local Perl files
and possibly remotely execute arbitrary code.
5.1.4+dfsg-4+deb7u2