Vulnerabilities > Spoonlabs
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-07-21 | CVE-2007-3939 | SQL Injection vulnerability in SpoonLabs Vivvo CMS SQL injection vulnerability in index.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) CMS 3.4 and earlier allows remote attackers to execute arbitrary SQL commands via the category parameter. network spoonlabs | 6.8 |
| 2007-02-21 | CVE-2007-1031 | Path Traversal vulnerability in Spoonlabs Vivvo Article Management CMS 3.4 Directory traversal vulnerability in include/db_conn.php in SpoonLabs Vivvo Article Management CMS 3.4 allows remote attackers to include and execute arbitrary local files via the root parameter. | 6.8 |
| 2007-01-30 | CVE-2007-0574 | SQL Injection vulnerability in Spoonlabs Vivvo Article Management CMS 3.40 SQL injection vulnerability in rss/show_webfeed.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.40 allows remote attackers to execute arbitrary SQL commands via the wcHeadlines parameter, a different vector than CVE-2006-4715. | 7.5 |
| 2006-09-12 | CVE-2006-4715 | SQL Injection vulnerability in Spoonlabs Vivvo Article Management CMS 3.2 SQL injection vulnerability in pdf_version.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.2 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter. | 7.5 |
| 2006-09-12 | CVE-2006-4714 | Remote Security vulnerability in Spoonlabs Vivvo Article Management CMS 3.2 PHP remote file inclusion vulnerability in index.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the classified_path parameter. | 5.1 |