Vulnerabilities > Envivosoft > Envivo CMS
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-07-15 | CVE-2007-3783 | SQL-Injection vulnerability in Envivo Cms SQL injection vulnerability in default.asp in enVivo!CMS allows remote attackers to execute arbitrary SQL commands via the ID parameter in an article action. | 7.5 |
| 2005-05-03 | CVE-2005-1413 | SQL Injection vulnerability in Envivosoft Envivo CMS 3.54 Multiple SQL injection vulnerabilities in enVivo!CMS allow remote attackers to execute arbitrary SQL commands and gain privileges via the (1) username or (2) password parameters to admin_login.asp, or the (3) searchstring and possibly (4) ID parameters to default.asp. | 7.5 |