CVE-2006-4714

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
12/09/2006
Last modified:
03/04/2025

Description

PHP remote file inclusion vulnerability in index.php in SpoonLabs Vivvo Article Management CMS (aka phpWordPress) 3.2 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the classified_path parameter.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:spoonlabs:vivvo_article_management_cms:*:*:*:*:*:*:*:* 3.25 (including)
cpe:2.3:a:spoonlabs:vivvo_article_management_cms:3.2:*:*:*:*:*:*:*